Chapter 13. Security guide

Oracle VM VirtualBox

13.1. General Security Principles

The following principles are fundamental to using any application securely.

Keep Software Up To Date

One of the principles of good security practice is to keep all software versions and patches up to date. Activate the VirtualBox update notification to get notified when a new VirtualBox release is available. When updating VirtualBox, do not forget to update the Guest Additions. Keep the host operating system as well as the guest operating system up to date.

Restrict Network Access to Critical Services

Use proper means, for instance a firewall, to protect your computer and your guest(s) from access from the outside. Choosing the proper networking mode for VMs helps to separate host networking from the guest and vice versa.

Follow the Principle of Least Privilege

The principle of least privilege states that users should be given the least amount of privilege necessary to perform their jobs. Always execute VirtualBox as a regular user. We strongly discourage anyone from executing VirtualBox with system privileges.

Choose restrictive permissions when creating configuration files, for instance when creating /etc/default/virtualbox (see Section 2.3.3.7, “Automatic installation options”). Mode 0600 is preferred.
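The following shell functions are an added example, not part of the Oracle manual: they create a configuration file that is never readable by group or other, audit an existing file against mode 0600, and test whether a user ID is a regular (non-root) one. The function names and the scratch path used in the demo are assumptions for illustration; on a real host the file would be /etc/default/virtualbox.

```shell
#!/bin/sh
# Added example: function names and the scratch path are illustrative.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Create the file with a restrictive umask so it is private from the moment
# it exists, then chmod to also tighten a file that was already present.
create_private_config() {
    ( umask 077 && : >> "$1" ) && chmod 0600 "$1"
}

# Return 0 if no group/other permission bits are set, 1 if the file is too
# permissive, 2 if it cannot be inspected.
check_private_config() {
    mode=$(file_mode "$1") || return 2
    case "$mode" in
        0|*00) return 0 ;;
        *) echo "WARNING: $1 has mode $mode, expected 600" >&2
           return 1 ;;
    esac
}

# Return 0 for a regular user ID, 1 for root (UID 0).
# With no argument, the current user's ID is checked.
is_regular_uid() {
    uid=${1:-$(id -u)}
    [ "$uid" -ne 0 ]
}

# Demo on a scratch file so the example runs without root privileges.
demo_dir=$(mktemp -d)
demo_cfg="$demo_dir/virtualbox"
create_private_config "$demo_cfg"
check_private_config "$demo_cfg" && echo "OK: $demo_cfg is private"
is_regular_uid || echo "NOTE: running as root; use a regular user for VirtualBox" >&2
rm -rf "$demo_dir"
```
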

Monitor System Activity

System security builds on three pillars: good security protocols, proper system configuration and system monitoring. Auditing and reviewing audit records address the third requirement. Each component within a system has some degree of monitoring capability. Follow audit advice in this document and regularly monitor audit records.

Keep Up To Date on Latest Security Information

Oracle continually improves its software and documentation. Check this note yearly for revisions.