LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud
User Name
Password
Linux - Virtualization and Cloud This forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.

Notices

Reply
 
Search this Thread
Old 08-17-2013, 03:17 AM   #1
\/4A
Member
 
Registered: Aug 2012
Posts: 112

Rep: Reputation: Disabled
Can Malware in VM trickle down to Linux?


Hi,

I'm using VirtualBox on Linux Mint 15 and wish to install my Win7 OS as a VM.

My concern however is, what if my "virtualized" Win7 gets infected with malware or stuff; can my Linux Mint get affected? (ofcourse I will install anti-virus things in Win7)

Would really appreciate some help on this pls
 
Old 08-17-2013, 04:26 AM   #2
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,209
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
Hey there and welcome to the forum! With a cool question!

The simple truth: no, infection is not possible. A virtualised machine does not know it "lives" on top of an other machine...

Let's examine an infection step by step:
- malware/spyware/iffyware comes on a system
- it needs execute rights, in ***dows, that's not a problem, on Linux...it's not likely it gets executed
- it needs to find the startup files, in a ***dows system, it's right there, but...on a Linux system, it can be anywhere. Fedora starts up differently than Manjaro...
- it needs read rights, so what if it reads these files
- it'll try to edit them in user space (the space it invaded as it came in) - so what
- it'll try to save the altered startup file(s), in a ***dows system that's a snap, on a Linux system...not likely to happen. It has the same rights the user has, the user cannot alter these files, neither can it...

It's likely your harddrive (and anyone else's for that matter) is littered with ???ware that never got started up, and even then could'nt get the system infected...a real "boneyard" - creeeeeepy....

I'd not worry about this. It's likely your virtualised ***dows will die, at one point some time (thus is the fate of these systems anyway)...but, that's only in the confines of the VM...

Thor
 
2 members found this post helpful.
Old 08-17-2013, 04:42 AM   #3
\/4A
Member
 
Registered: Aug 2012
Posts: 112

Original Poster
Rep: Reputation: Disabled
Thor_2.0 Thank you very much for the super explanation. It's cleared all doubts and given me even more confidence to stay married to Linux.
 
Old 08-17-2013, 04:47 AM   #4
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,209
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
Quote:
Thank you very much
You're welcome!

Quote:
to stay married to Linux.
Congratzzz, at least it's a bed partner that will not "sleep around"

Hope to read more of you!

Thor
 
Old 08-17-2013, 06:56 AM   #5
Doc CPU
Member
 
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 999

Rep: Reputation: 294Reputation: 294Reputation: 294
Hi there,

Quote:
Originally Posted by Thor_2.0 View Post
Quote:
Originally Posted by \/4A View Post
[...] to stay married to Linux.
Congratzzz, at least it's a bed partner that will not "sleep around"
no, on the contrary: It's a system that is supposed to mate with many others. But nobody thinks evil of that because it's considered safe, as opposed to screwing around with Windows. ;-)

[X] Doc CPU
 
Old 08-17-2013, 12:03 PM   #6
dyasny
Member
 
Registered: Dec 2007
Location: Canada
Distribution: RHEL,Fedora
Posts: 837

Rep: Reputation: 91
To get things into a real proportion:
1. Under a secure hypervisor, the VM should not even be aware of it being virtual, so unless you get a virus that is specifically targeted at trying to get into the underlying hypervisor (exploiting a weakness, and those are very rare), you're safe.
2. If you get a windows virus into a linux (or any other non-windows) system, it can only be a binary file, a bunch of data that cannot be executed.
3. virtualbox is not very security oriented, but in the industry standard hypervisors like KVM, you have additional security issues, like sVirt, which locks every VM down into an execution container, and even if the VM-hypervisor boundary is breached, the only thing compromised on the hypervisor will be that container, unable to break out into the actual host OS.

In short, keep your windows secure and don't worry about the host OS too much. This doesn't mean the host OS can't be attacked directly, but there are other means of defending against that.
 
Old 08-17-2013, 09:07 PM   #7
jefro
Guru
 
Registered: Mar 2008
Posts: 11,516

Rep: Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403
It is actually possible but has not been reported as a threat. It has been noted on several instances where it might be possible and some patches set in place.

There is no substitute to best practices in any case. If you ran windows badly you could run linux badly.
 
Old 08-17-2013, 11:23 PM   #8
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,209
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
@ Doc CPU - touché, learned something here...and, she'll not cheat on you either. Oh, she'll mate around, but you'll know...and you'll know for shure, that even though she mates around, you're her only love...I love Linux...
(that...and I have to get out more...)

Quote:
There is no substitute to best practices in any case
...that said...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Red Hat Enterprise Linux and the Trickle-Up Effect LXer Syndicated Linux News 0 11-17-2010 09:42 PM
[SOLVED] May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 22 08-17-2008 01:05 PM
May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 1 06-12-2008 05:10 AM
how to use trickle ?? starking Linux - Newbie 3 07-16-2004 07:48 AM


All times are GMT -5. The time now is 09:26 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration