[NTLUG:Discuss] Browser Security Question?

Greg Edwards greg at nas-inet.com
Thu Sep 16 09:59:11 CDT 2004 

Robert Pearson wrote:
>>   tr_data1 wrote:
>>
>>>Robert Pearson has what I consider important questions about the
>>>security of running M$ IE on Linux via Crossover/VMWare/etc. Not
>>>intending to hijack his thread:
>>>
>>
>>Greg Edwards wrote---
>>It's not that IE is more secure when running in VMware...
>>...
>>Using IE in a VMware virtual machine should not be a major worry about your Linux
>>environment, but your Windows environment is just as vulnerable as running
>>Windows on a dedicated machine.
>>
> 
> 
> I'm just a user. Don't claim to be an expert. As a user I do have
> Security concerns about Windows running over Linux or Unix. VMware,
> and all the others, may be robust enough to withstand the assault when
> Linux or Macs grow in popularity enough to become a focus of the
> hackers. "Techie" hackers might find it to be a real challenge to use
> Microsoft products to bring down Mac's and VMware machines.
> 
> Historically Virtual Machines have not been completely Virtual. They
> have been crashed by really errant applications. An errant application

> 
> Thanks,
> Robert Pearson
> rdpears at gmail.com
> 

Robert,

VMware is a bit of a different animal than most of the Linux packages that 
try to emulate Windows.  I've been using it for several years and it's 
pretty solid.  There are a few things that it doesn't do very well, but 
for the most part running windows apps in it is fairly reasonable.  Games 
are not the best and sound is somewhat flaky.  Printers connect as network 
printers so you don't get some of the latest windows driver options that 
haven't been added to the Linux drivers yet.

Where VMware beets the others, IMO, is that the OS loaded in the virtual 
machine is not aware of the actual hardware that Linux is running on. 
They load a BIOS in the virtual machine so that the OS boots using that 
BIOS and not the real BIOS.  This has the advantage that the OS running in 
the virtual machine cannot get to the physical hardware without going 
through the VMware API.

Security is still an issue!  The Windows session running in the virtual 
machine has all of the same security issues as any other workstation 
running on an internal network.  But since it looks and acts just like any 
other workstation on the network you can easily keep it isolated from the 
Linux machine that it is actually running on.  You can set up VMware to 
only be allowed to use the network for routing to the internet and your 
Linux environment won't be seen by any programs (or viruses) running in 
Windows.

IMHO, VMware is a solid product, but it's not free.
-- 
Greg Edwards

Software Engineering Services - http://consult.nas-inet.com
Custom Hosted Websites        - http://www.nas-inet.com

More information about the Discuss mailing list