The Washington Post says Parallels is bad...

Discussion in 'Parallels Desktop for Mac' started by scottmcdaniel, Feb 10, 2007.

  1. scottmcdaniel

    scottmcdaniel

    Messages:
    12
  2. dkp

    dkp

    Messages:
    1,367
    According to Parallels and Dr. Val you should just not worry your little head about it.

    Here's the situation. When Parallels creates a new Windows VM it also creates what is called a Global Share. This is a tunnel through your Windows firewall and your OS X firewall that allows your Windows VM to have read/write access to the root level of your OS X hard drive. That has possibilities for a virus writer.

    A well constructed Windows virus can:

    - copy your virtual machines to a remote site where they will be installable and executable on the thief's system. The perfect crime - you won't even know it's happened.
    - delete your home directory and all it's contents
    - install a wicked vicious binary or Perl script on your OS X hard drive, modify your OS X shell rc/profile script so that the wicked vicious tool will be launched the next time a command line window is opened.
    - harvest most everything on your hard disk - limited only by what your user account is prohibited from seeing.

    This has all been discussed to death here. Find and read the "Big security risk with global sharing" thread. It's been on the front page for some time.

    It has also started to be discussed as a topic on technoblogs around the blogosphere. The author at the Washington Post is quite right to worry.

    At least one developer from Parallels has said it is nothing to be concerned with. Others, me in particular, have claimed it is irresponsible of Parallels to allow this to be a default installation option without so much as offering the user full disclosure as to what it can mean.

    No, Val, I did not call the WP.
     
    Last edited: Feb 10, 2007
  3. drval

    drval

    Messages:
    490
    I think you are exactly on target and that you'll catch a lot of flak from certain other quarters.

    Part of the problem here is that -- oh my god!!! -- Windows is now transparently available on Mac platforums. Some are scared by that for a lot of different reasons. Most users, however, realize that Windows is Windows and you need to know that.

    But, then again, Windows is the dominant OS now so perhaps it's not just some godawful death trap, but actually can be useful.
     
  4. chrisj303

    chrisj303

    Messages:
    72
    I was ALWAYS under the impression that parallels runs windows in a 'locked down' or sandboxed enviroment - and i'm sure a lot of other users are to. It will not take many infected mac's for word to spread (for the worst), and if all it takes to reduce the likelyhood of this happening is to have Global File Share OFF by default, Parallels must be mad not to.
    I bought my Mac to avoid security issues and virus' , i would drop parallels in a heartbeat if this had to change.
    With any luck articles such as these will increase in number, and will maybe push parallels into sorting it out.
     
  5. drval

    drval

    Messages:
    490

    What's to "sort out"? Turn off Global Sharing if you don't want it active. Or, better yet, if you're really scared off Windows, don't use it at all. Or simply stay off of the internet and networking while using it.
     
  6. chrisj303

    chrisj303

    Messages:
    72
    Oh, i forgot to ask,
    Since reading the other thread on this issue, i turned GFS to OFF. My immediate responce was to then run my VM and see what the consequences would be.
    I've noticed NO changes in functionality at all. What are the supposed benefits of having GFS set to ON, as there must be a reason for it's existence!
     
  7. chrisj303

    chrisj303

    Messages:
    72
    It's a much better idea to have users manually switch it ON, after being issued some sort of warning/disclaimer about the (possible) security issues regarding it's use.
    I had no idea of it's presence, and it's implications until i read the other thread - and i'm sure there are a lot of users in the same boat.
     
  8. dkp

    dkp

    Messages:
    1,367
    This is not the default situation - it is user selectable but you have to select it. You may give up some drag and drop functionality or performance, but in the end it is all in your hands. It is not documented well, and that perhaps is the biggest problem.
     
  9. drval

    drval

    Messages:
    490
    Perhaps you'd like to ask Parallels directly about that? Try beta@Parallels.com if you're so inclined and, if you get a response, post it here as well so we can all see it.

    Perhaps GFS is still on even though it says it's off. Maybe your system has already been attacked and compromised. Maybe GFS is actually OFF when everyone thinks it's on. Perhaps it's all a non-issue whether it's off or on. Perhaps this has largely been a manifestation of the distrust that some seem to have of Windows. Perhaps, perhaps, perhaps.

    I still fine it incredible -- esp if the same functionality is there with it OFF or ON -- that certain people have been SO UPSET about this particular functionality. It seems strange to me that simply having the default for that flag being set to FALSE would (supposedly) soothe the savage beast(s) out there because it would CLOSE THE HOLE and shut off the sand box; and yet there still seems to be the same functionality with or without that setting being enabled.
     
  10. dkp

    dkp

    Messages:
    1,367
    If you have associated a Windows email attachment to an OS X application it may work slower or not at all. Drag and drop goes way beyond hauling files here and there.
     
  11. dkp

    dkp

    Messages:
    1,367
    I can explain that (again). If the global share is off OS X is not exposed. If there is no reason to have global share on as you suggest, then leave it off. It conveys no advantage. I don't think that is true when you explore application level associations.
     
  12. dkp

    dkp

    Messages:
    1,367
    I'm glad you found us. Now, at least, you can make informed decisions about your Parallels experience.
     
  13. AlanH

    AlanH Kilo Poster

    Messages:
    316
    I've turned GFS off, but I don't have a workflow that would benefit from very close integration of the two environments, and I have no plans that would require it.

    I've also decided I'll run in OS Window mode. Coherence has the effect of putting the wolf into sheep's clothing. I actually like Windows to be in a well-defined box where I can lock it down and deal with it as a separate entity. A cosmetic issue, I know, but I prefer the constant reminder that it's still a wolf.
     
  14. Hugh Watkins

    Hugh Watkins

    Messages:
    943
    Microsoft has always advised for daily use on line do not habitually log on as an admin

    but use a limited user ID

    have any instances been reported or a proof of concept virus been written than can go through both Norton or AVG ante virus and Sygate Personal fire wall for example?

    Hugh W
     
  15. dkp

    dkp

    Messages:
    1,367
    I run Windows and all VM's, actually, in a window. To manage desktop space I use Desktop Manager, - the universal version found here: http://www.versiontracker.com/dyn/moreinfo/macosx/21594

    I prefer it over Virtue Desktop but do wish the author would work on it again. The author's page is here: http://desktopmanager.berlios.de/ and has screen shots etc. I have 6 virtual desktops at this time so I can move quickly between VM's, applications, email, etc. without overloading my screen with applications.
     
  16. Resuna

    Resuna

    Messages:
    54
    I think you're looking at the wrong place.

    The problem isn't that the option is there, the problem is that the capability for creating that option is there. The component in parallels that provides the "glue" between parallels and the OS X file system is running with too high a privilege.
     
  17. dkp

    dkp

    Messages:
    1,367
    You are killing the patient with kindness. Many of us run Parallels VM's in a clean room environment where this capability is useful but not a danger. This option, when well documented and understood, can be a good thing. The rest of the time it is just plain spooky.

    And you are wrong about the privilege level - it runs with user permissions but does provide read/write access to the entire Mac drive. The Mac file permissions finally control what can and cannot be modified or read. That is still quite a large exposure, of course, which is why I've advocated leaving it off by default.
     
  18. dm3

    dm3

    Messages:
    46
    dkp is right. WashingtonPost is right.

    Mac OS X is a very secure operating system. However, bad things can still happen if you willfully give a malicous program (malware, virus, spyware) the permission to run on your Mac OS X system.

    Parallels has created a huge open back door by allowing Windows programs complete access to your Mac OS X file system. By running Parallels, you've essentially given permission for any Windows malware to run rampant in your Mac OS X filesystem, bypassing Mac OS X built in controls.

    This is completely unacceptable. Parallels will change this sooner or later. The more they delay, the more harm it will cause them in reputation. This is not the type of press they are after.

    drval is completely wrong. I'm not sure what this person's background is, but they apparently don't understand why Windows is insecure and why Mac OS X is secure, nor do they seem to care.
     
  19. dkp

    dkp

    Messages:
    1,367
    Not quite. Parallels provides to Windows the same access to your Mac hard drive that you already have when you log into your Mac. The concern is that this is defined by default when creating a virtual machine, and there is no advise to the user in the help screens nor in the documentation that would help the user understand the consequences of this choice. The important thing to remember is that Unix file permissions are still there and still working - Parallels does not bypass them.

    Suppose you have two or more user accounts on your system (it's a common system in a kiosk). If you log in and start Parallels and Windows with a global share, Unix permissions will prevent you from crawling the home directories of other users (assuming nobody with admin access has changed those permissions). So certain areas of the Mac disk remain safe from read and write access, but none of your own directories are protected, and any writeable file areas such as /var/tmp, /tmp are accessable for any purpose a malware may choose.
     
  20. Resuna

    Resuna

    Messages:
    54
    Then for most users this is not a significant exposure. The way you were all going on it sounded like this was bypassing the file system privileges (for example, the comment in one of these threads about "rm -r /"). If someone's doing something in their Parallels environment that actually matters to them, they're already exposed to Windows exploits.

    For people using Parallels for 'clean room' purposes... I would assume they would run with all features not absolutely necessary disabled, including leaving out the parallels tools if they can manage with the default VGA driver, and doing file sharing by mounting a Windows drive in the parallels environment from Samba in OS X.
     

Share This Page