Big security risk with global sharing

Discussion in 'Parallels Desktop for Mac' started by goron, Jan 24, 2007.

  1. goron

    goron

    Messages:
    13
    In Parallels Desktop 3120, there is an option (on by default) to "enable global sharing for drag-and-drop."

    Whilst this is a nice feature, it seems to be implemented by having a semi-hidden (ie, not in the list) shared folder called ".Mac".

    This folder gives read/write access to the entire Mac boot drive :eek:

    Given the amount of viruses and other malware on Windows, the last thing I want is the virtual XP having full read/write access to my Mac!

    This feature should be turned off by default and a big warning shown before turning it on.
     
  2. ATXP

    ATXP

    Messages:
    66
    Agreed. Should have been turned off by default.

    I asked this question when RC1 came out but no one gave me the right answer. Then I have to figure all this out by poking around the configuration.
     
  3. dkp

    dkp

    Messages:
    1,367
    This has been discussed and solved for RC1. Search the recent archives. The solution is to disable global sharing and to scream like hell to the beta@parallels.com mailbox to turn this crap off.
     
  4. DerekS

    DerekS

    Messages:
    60
    Couldn't agree more, this feature is extremely dangerous and I won't use it. The only benefit it brings, as far as I can tell, is that you get WinXP progress dialogs for file copies in/out of the VM as oppposed to MacOS progress dialogs in the Parallels window.
     
  5. Stitch

    Stitch

    Messages:
    3
    Thanks for bringing this to attention!

    Someone could design a virus to ravage OS X for parralels users. That would quite easily put off a lot of potential buyers eh...
     
  6. neosublime

    neosublime

    Messages:
    62
    OK... TOO MUCH. You people are as bad as cnn with it's, "be afraid of cookies", and it's, "better have a firewall", scare tatitics. Granted it mat be a posibility some day for some sort of security risk, but if any of you can go into \\.PSF\.Mac\private and create, or delete files and folders, let me know.

    I thought right away that this was a major mistake on the part of Paralles Team, but it seems to be pretty safe by me. It's the same as if you were to map your home folder to your drive. Yes anything that you have read and write access to may be at risk, but isn't that the "World of Windows" for you?

    The reason I use a Mac is because I was sick of Windows security, usability, and licensing. So... therefore, I no longer use Windows. BUT, there are a few programs I use that are windows only.

    If you are concerned about security and a big bad virus, disable your networking. Don't let windows have Internet access, and for god sake don't surf along blindly clicking away with IE. I can run an unpatched Windows 95 system all day long with no virus software and not have a thing to worry about... AS LONG AS IT'S NOT CONNECTED TO THE INTERNET!

    So please don't buy into the same fear that christians, and politicians try to sell. Don't be so scared, just more cautious. Educate yourself.
     
  7. dkp

    dkp

    Messages:
    1,367
    Here's some education for you. Not connecting to the Internet is only slightly more useful than leaving the VM off - it's not going to happen. Here's another flash, Einstein - your entire hard drive is available to Windows for harvesting. But wait, there's more. All your remote mounts are available for harvesting. Oh yes - you not only get to expose your own Mac, but every system that can be discovered in /Volumes. Do you have any idea how much information that presents to a harvesting drone?

    This is a bad idea that should be turned off and rethought.
     
  8. neosublime

    neosublime

    Messages:
    62
    proof of concept.............?

    anyone...............?
     
  9. unused_user_name

    unused_user_name

    Messages:
    495
    Run locate in cygwin in the VM... turn ON searching over network mounts.

    Wait 20 minutes.

    Search for (some document that windows should not be able to see).
     
  10. unused_user_name

    unused_user_name

    Messages:
    495
    A better example:

    http://www.cert.org/advisories/CA-2001-22.html

    This virus infects files in unprotected (i.e. no password) windows file shares.

    All someone would need to do is get a copy of it and change the payload to infect unprotected MS word documents with the latest and greatest windows virus. Something like this:

    http://www.symantec.com/security_response/writeup.jsp?docid=2006-051914-5151-99

    The mac itself would be immune, but all your friends who have windows boxen would get the virus when you send them a .doc file. Effectively the Windows virus can get out of the sandbox of the virtual machine and infect Mac documents.

    You could also (fairly easily) add a little program like synergy (http://synergy2.sourceforge.net/) to the payload. Have the virus add that to the Mac user's startup script and you have a zombie machine that is a Mac.

    If I wanted to (I don't) I could turn this into a real-live working Parallels Windows crossing to Mac virus without even having to write too much source-code.

    Parallels developers: PLEASE get rid of this option. The people that do not understand any of that stuff up there are the people that are most at risk from this option. Don't make it so that you can turn it off, just get rid of it. Go back to the old file copying method, just bugfix it.
     
    Last edited: Jan 25, 2007
  11. drval

    drval

    Messages:
    490
    Or simply use antivirus, firewall and anti-spyware on the Windows side as has been the case all along for Windows.

    Ooops, I forgot I gave a clear solution to this supposed "problem" and here we're apparently supposed to be trashing the whole idea of Parallels and inter-operability here. Mea culpa.
     
  12. dkp

    dkp

    Messages:
    1,367
    Anti-virus tools have no defense against day one viruses. Windows has a long history of vulnerabilities that can be lit off simply by visiting the wrong web site. It's a bad mix. Don't trivialize the possibilities this presents to crackers. I deal with Unix security every day and the last thing you want/need is to have your entire file system shared out to windows systems.
     
  13. rhind

    rhind

    Messages:
    84
    Precisely. And that is why I map my home folder as read-only because. So while the global share doesn't give it write access to system folders, it does give write-access to places that I have tried to forbid Parallels from accessing. Hence why I've turned it off. All my important documents are in my home folder, so don't want to run the risk of something happening to them (even though I have numerous backups).

    Cheers

    Russell
     
  14. rhind

    rhind

    Messages:
    84
    I'd just like to say that I haven't been infected by a virus on a windows machine, and I do run anti-virus and firewall software to help reduce the risk. But what you are suggesting isn't a solution. Anti-virus software works by detecting 'known' viruses and similar viruses. It can't protect about 'unknown' viruses (i.e. new ones that have got definitions for them yet) so it isn't the perfect solution.

    Neither is not give windows read/write access to my home folder, but it is a start.

    Cheers

    Russell
     
  15. neosublime

    neosublime

    Messages:
    62
    (NOTE: This response is with a completely humble an non cynical attitude.)

    I understand, and agree with you ALL that, "in theory", it could happen. But the examples that have been given are scenarios wher the "bad guy" already knows you have have a mac running parallels with an XP VM.

    I no longer use synergy, as I have condensed my desk down to one system. I have no need for cygwin because I have a Mac now.

    I do believe that this feature should be turned off by default, but removing it is unnecessary . Once again we are all on the Mac platform. I guess all of you that buy the fear also bought Norton Anti-Virus for the Mac too.

    I can write a virus for any machine at any given time. But will it spread? Will it work on all systems? No. Many educated techs run windows without AV software.

    I am not insulting any of your intelligence, as I beleive you ALL are very tech savy users, or you wouldn't even know what a virtual machine is. (Trust me, if I explain it to my clients, they look at me in confusion.) All I'm saying, is that we should always be alert of possibilities, but not run around screaming our heads off that the sky is falling.
     
  16. drval

    drval

    Messages:
    490
    Yes, and I'm also a Unix hack for over twenty years now.

    Let's not peddle fear but deal with realities instead. Mac isnt more secure per se than Windows, it's less prominent becaue of its relatively small market share. Windows is ALWAYS a target because of it enormous market share.

    And it's because of day one viruses -- among other reasons! -- that one has complete backups. Or are you saying that Mac needs NO such backups? If you're doing backups anyway AND you have a problem with a day one virus, you can simply redo the system -- like you would with ANY complete restore from backup.

    You don't to use Windows and Mac, then don't but there are a number of us -- a very large number -- who want that precise feature.
     
  17. neosublime

    neosublime

    Messages:
    62
    Very well said drval.
     
  18. dkp

    dkp

    Messages:
    1,367
    The bad guy doesn't have to think about it. It's not like the old days where they hunt and peck. Script kiddies just run canned tools and wait for results. The people who write the tools are pretty damn clever. This is a new opportunity just waiting for exploitation.
     
  19. dkp

    dkp

    Messages:
    1,367
    And complete irresponsible BS. Nobody is saying to not provide the functionality. This is just not the right or safe way to do it.

    Nobody is peddling fear - we are discussing real security in the real world. There is nothing to be gained by fear mongering nor by ignoring basic security guidelines.

    Nobody is arguing that backups are a bad idea - what is being suggested is to be pro-active and not allow the exploit in the first place. It is expensive and inexact to try to recover lost data/files/configurations after an exploit, and you can never get back what has been distributed across the internet.

    The problem is quite easy to test (but please don't!!)
    * Open an OS X terminal session
    * cd to /
    * Run rm -r * # This is DANGEROUS!
    * Wait

    This will destroy a lot of things and this is the capability a trivial UNC capable Windows app has thanks to the global share.

    Another test - use a Windows tool to copy files into the Mac file space until all the space is gone and watch what the Mac response is. A trivial malicious windows app can do this.

    These tests are DANGEROUS! Do not repeat them at home!
     
  20. rhind

    rhind

    Messages:
    84
    And when your machine is used for business, having it out of action for a day or a few days can be extremely costly, even if you don't loose and data because of backups.

    Being self-employed I'd rather take as few risks as possible.

    Cheers

    Russell
     

Share This Page