2012
08.23

A cloud is typically a “multi-tenant” hosting infrastructure where the owners of the virtual machines in the IaaS are customers of the hosting provider. This might be a private implementation in a corporation, government agency, or university.  It might be a hosting company (such as Rackspace) selling capacity to anyone with Internet access and a credit card.

I worked in the hosting biz for 3 years using virtualisation for IaaS.  When I was asked about it, I told people that:

  • No customer/tenant could trust any other customer/tenant
  • I (the hosting company) could not trust any customer/tenant

That’s because:

  1. Some of the customers/tenants favoured convenience over security, or they were complete and utter morons
  2. I didn’t know them from Adam and they could have been up to no good

Trustworthy isolation was critical, and the virtualisation being used had to be rock solid.  I could not risk one tenant getting access to another, and I absolutely in any circumstance could never let them near the infrastructure.

And that’s why a post on a Microsoft Canada blog which linked to a research article caught my attention yesterday.

Long story short: A hacker can craft a VMDK descriptor file, upload it to a cloud (a feature that is offered for migration), and configure that descriptor file to load VMware ESXi system files directly into the virtual machine.  They successfully tested this on ESX 5.0, loading the /etc/shadow file, which according to nixCraft:

… stores actual password in encrypted format for user’s account with additional properties related to user password i.e. it stores secure user account information

Woops!  That sounds like a file you don’t want to be making readily available.  Remember: this was a “hosting customer” that uploaded a VM as a guest, fired up the VM, and gained access to the usernames/passwords of the host.  They also got access to other files such as system logs. 

They then went on to gain access to all physical hard drives on the host.  You have to be kidding me!!!!!

So if you are a company setting up a cloud with VM upload/migration features, and basic security is important, then don’t use vSphere 5.0.

Technorati Tags: ,,

No Comment.

Add Your Comment

Get Adobe Flash player