R. David Whitlock
ryandav at u.washington.edu
Wed Feb 9 11:32:40 PST 2000
Running VMware as root shouldn't cause the end of the world, and while
paranoia is an admirable quality in a sysadmin, there are some programs
that make this difficult. VMware, because it needs certain kinds of
access to the hardware, will almost certainly require (unless they've made
a big effort to put that feature in) root access to get what it needs in
If attackers are not getting into the system, and VMware isn't running
anything that listens to open TCP/IP ports, then it doesn't seem to
present such a big risk to me. Running the prog as root will allow it to
make serious changes, so you should also be careful about what you let it
do/change on your system, but I think that's all.
There are more paranoid persons on the list who may disagree, with good
reasons, but I think for a single user system this is fair enough to
On Wed, 9 Feb 2000, Benjamin Honsinger wrote:
> I didn't know this - I think it is plausible that you are right, it doesn't
> seem to work well otherwise. However, I haven't found anything that
> specifically says this on the VMware web site.
> I have been made to understand that you don't want to run programs as root
> in Linux if at all possible. What would running VMware do security wise? I
> would like to keep this machine as secure as possible. I already have daily
> attempts to hack it.... Of course I've blocked the attacks and they haven't
> been successful, but security is definetly an issue here. It'd be great if
> someone would give their opinion/known facts on this.
> ----- Original Message -----
> From: "R. David Whitlock" <ryandav at u.washington.edu>
> To: "UW Linux Group" <linux at u.washington.edu>
> Sent: Tuesday, February 08, 2000 6:53 PM
> Subject: Re: Access Permissions
> > I seem to recall VMWare _required_ the use of the root account.
> > ?
> > Have you checked the web page to make sure its possible to run it without
> > that ability? Am I not understanding what your intentions are?
> > On Tue, 8 Feb 2000, Cliff wrote:
> > > Well, you could change the ownership for /dev/hda tho I've never done
> > > that. If you give your user account full access to the drive, why
> > > wouldn't it be better to just login as root. I'm just curious why you
> > > didn't want to do that...
> > >
> > > Cliff
> > >
> > >
More information about the Linux