Re: [Tails-dev] VirtualBox host software vs. networking

Author: intrigeri
Date:  
To: The Tails public development discussion list, adev
Subject: Re: [Tails-dev] VirtualBox host software vs. networking
Hi,

ade: ping about what follows :)

intrigeri wrote (01 Mar 2013 13:38:05 GMT) :
> Hi,


> ade wrote (12 Feb 2013 18:59:26 GMT) :
>> Step I did:


>> 1. Install virtualbox


> Just FTR, what host OS / version of VirtualBox were you using?


>> 2. Modprobe remove the vboxnetflt kernel module


>> 3. Set up various Tails virtual machines to test them out, and ran the
>> do_not_ever_run_me script on all guests and the host machine to try out
>> manual iptables configurations.


> Just to be clear, did you reset the firewall rules on the host system
> before or after starting the VirtualBox services and virtual machines?
> (I'm concerned VirtualBox might play with firewall rules on the host
> e.g. when starting a VM, so this may be worth double-checking.)


>> As a result of unloading the vboxnetflt kernel module virtual machines
>> would not start if they had a host-only networking adapter, or bridge mode
>> networking adapter attached to them.


>> This is what we expect.


> OK.


>> With vboxnetflt kernel module unloaded, the NAT networking mode still
>> functioned correctly, but bridge mode would not. This is good.


>> I did a very basic and quick test of iptables and with NAT mode networking
>> enabled, the host iptables firewall was still able to control the virtual
>> machines traffic.


>> Setting the OUTPUT policy of the host machine's iptables firewall to DROP
>> stopped the guest Tails from sending outbound pings to the host machine's
>> eth0 interface.


> Good.


>> So it looks like VirtualBox could be shipped without support for bridged
>> networking, or without any networking support at all. In future it looks
>> promising that the NAT mode could be useful to provide the guest OS with
>> Tor access. Lack of vboxnetflt should stop bridged mode and the associated
>> leaking from the guest OS if the host iptables firewall is configured
>> appropriately.


> Good to know.


>> Is there any interest in shipping VirtualBox with bridged mode disabled (or
>> no networking at all) but including a script that only root can run, to
>> enable bridged mode for those who want to use it?


> Well, either we are able to support networking without breaking Tails'
> properties, in which case we should just enable it, or we are not
> able to, in which case I'd rather not ship such a script.


>> What does everyone think about this?


> I'm glad to see progress made on this, even though it's progress
> targeted at the step after the next one; it's motivating! I'm still in
> favor of shipping VirtualBox host software with no networking support
> at all (baby steps!) ASAP, and *then* seeing how we can add
> networking support.


> I've tried to summarize the current state of things on
> todo/add_virtualbox_host_software. Help is welcome for the next steps!


> Cheers,


--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
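
The two host-side conditions ade's test relied on (vboxnetflt not loaded, so bridged and host-only modes cannot start; the host firewall's OUTPUT policy set to DROP, so NAT-mode guest traffic is subject to host iptables) can be checked mechanically. The script below is an added example, not code from this thread, from ade, or from Tails; the modprobe config path, the inclusion of vboxnetadp next to vboxnetflt, and the choice to run the live check only after the VMs are up (to account for intrigeri's worry that VirtualBox may alter host rules at VM start) are assumptions of the example.

```shell
#!/bin/sh
# vbox-host-net-check.sh  (added example, not from the thread or from Tails)
#
# Verify on a VirtualBox host that:
#   1. no VirtualBox kernel networking module is loaded, so bridged and
#      host-only adapters cannot be used (ade's "modprobe -r vboxnetflt"), and
#   2. the host iptables OUTPUT policy is DROP, so NAT-mode guest traffic
#      (which leaves the host from the VirtualBox user-space process) is
#      blocked unless the host firewall explicitly allows it.
#
# The checks read command output from stdin so they can be exercised on
# captured text; "--live" runs them against lsmod and iptables on this host.

MODPROBE_CONF=/etc/modprobe.d/vbox-no-net.conf   # assumed path, example only

# Return 0 if neither vboxnetflt (bridged/host-only filter driver) nor
# vboxnetadp (host-only adapter driver) appears in `lsmod` output on stdin.
# Including vboxnetadp alongside vboxnetflt is an assumption of this example.
vbox_net_modules_absent() {
    ! grep -Eq '^vboxnet(flt|adp)[[:space:]]'
}

# Return 0 if `iptables -S OUTPUT` output on stdin reports policy DROP.
output_policy_is_drop() {
    grep -q '^-P OUTPUT DROP$'
}

# Print modprobe directives that keep the networking modules from being
# loaded again (by udev, the VirtualBox init script or a manual modprobe)
# after they have been removed. "install <mod> /bin/false" makes any load
# attempt fail; "blacklist" stops alias-based autoloading.
modprobe_block_rules() {
    for m in vboxnetflt vboxnetadp; do
        printf 'blacklist %s\n' "$m"
        printf 'install %s /bin/false\n' "$m"
    done
}

# Run both checks on captured text.
#   $1 = lsmod output, $2 = `iptables -S OUTPUT` output
# Returns 0 only if both conditions hold; otherwise reports each failure
# and returns 1.
check_captured() {
    rc=0
    if ! printf '%s\n' "$1" | vbox_net_modules_absent; then
        echo "FAIL: a VirtualBox networking module is loaded; bridged/host-only adapters would work"
        rc=1
    fi
    if ! printf '%s\n' "$2" | output_policy_is_drop; then
        echo "FAIL: host OUTPUT policy is not DROP; NAT-mode guest traffic is not blocked by default"
        rc=1
    fi
    return $rc
}

if [ "${1:-}" = "--live" ]; then
    # Check the real host. Run this after the VirtualBox services and the
    # VMs have been started, not before: the concern raised in the thread is
    # that VirtualBox might change host firewall rules when a VM starts, and
    # a check taken earlier would not see that.
    [ "$(id -u)" -eq 0 ] || { echo "run as root: iptables -S needs it" >&2; exit 2; }
    check_captured "$(lsmod)" "$(iptables -S OUTPUT)"
    status=$?
    echo "Suggested contents for $MODPROBE_CONF:"
    modprobe_block_rules
    exit $status
fi
```

Usage: `sh vbox-host-net-check.sh --live` as root once the VMs are running; a non-zero exit means one of the two conditions does not hold. The modprobe directives it prints are what turns ade's one-off `modprobe -r` into a persistent setting; without them the module can be silently reloaded the next time VirtualBox's init script or udev asks for it.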