Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hi. if i install a linux guest on windows host in a virtualised environment (qemu for example), will any malware that might already exist on the windows host have access to the virtualised linux, or will the new virtualised environment be safe?
for example, if the host have some malware that i am not aware of that tracks keystrokes, will any password i type in a browser in the virtualised linux be vulnerable?
thanks
Last edited by o12357; 05-27-2012 at 05:03 AM.
Reason: p.s.
While I don't grok Windows like I grok Linux virtualization services like QEmu, VMware, etc, etc depend on services and drivers loaded by the OS so given that interception and subversion in Windows can occur in different places and at different levels so my answer to that is "it depends". If you would for example have a password-stealing trojan loaded in Windows and you would have installed say Joomla in QEmu then accessing the guest over FTP might leech your credentials. Likewise if you would have a keylogger installed key sequences are still routed like physical keyboard -> Windows keyboard driver -> OS -> virtualization service -> guest. So IMHO this essentially is not a Linux but a Windows-related question. Additionally if your intent is to "have something safe" on a known infested host then I'd suggest you don't proceed but clean up the host instead.
thanks for the reply unSpawn.
i do appreciate that the situation i am describing is far from ideal.
the reason i am proceeding with this line of thinking is that i do not know how to verify that a windows machine is clean, and i was wondering if i can create a relatively malware free environment for activities such as internet shopping by setting up a virtualised linux in qemu on windows host. i am aware of the fact that simply running linux is a much better solution. this is what i do on my own machines. but i have some family members that only use windows, so i am trying to make things safer.
Last edited by o12357; 05-27-2012 at 06:53 AM.
Reason: mistake
i have some family members that only use windows, so i am trying to make things safer.
If they're accustomed to using Windows then Linux might just be alien to them. Windows can be hardened to some extent, remove Java, remove Adobe or Macromedia PDF viewer, avoid web, email and such natively provided applications, choose anti-malware and antivirus tools, make backups, if you have a spare machine you could set it up as a scanning proxy (HAVP?) and allow them access to it but most of all it's behavioral discipline: set to update everything automatically and don't visit / click anything that is highly attractive in a "too good to be true" way or dodgy.
The vm is no more at risk than any other lan connected computer for the most part.
It is generally considered to be safe running a linux VM on a windows host. The same issues that plague any system is the way malware can access OS's. Since you don't have tools like guest additions in qemu it is safe from some attacks. Qemu does allow you to mount a sub directory that could expose the OS to some harm.
A more secure way may be to boot to a live cd/dvd that doesn't mount the hard drive. I am not sure if this has been attacked yet but may be one of the more secure ones. http://www.spi.dod.mil/lipose.htm
Can you get enough disk space to dual boot Linux instead? That should avoid most MS nasties?
If its only basic stuff like shopping/banking, you shouldn't need very much disk space.
i am going to stick with the vm solution as internet kiosk only.
if i understand correctly, this should avoid many of the threats that the windows host might be exposed to. better then nothing.
as for dual boot and live solutions, even though they are much better, i want to keep it as simple as possible for the users, as my family are not used to anything beyond basic windows use.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.