In dual-boot system, can sandboxing prevent one o/s from infecting the other?

In a dual-boot system with windows and linux only linux is given internet access. Windows xp is only used offline, and that is enforced by disabling its nic drivers.

Can some sort of sandboxing prevent malware in linux from affecting the windows partition? Maybe if the linux malware is not aware of Reboot Restore Rx in the windows partition, then it cannot affect windows because any changes it makes are cleared at reboot?

Maybe full-system sandboxing for linux too? This seems too hard to install and manage, is there any user-friendly software for full-system sandboxing just like Reboot Restore Rx but for linux?

 

I think as long as the Windows partition is unmounted during your linux session, then I don't see how malware could write to it. If you like Chrome/Chromium, you will get exceptional sandboxing with it in Linux.

 

Can't malware discover the root password with a key logger and then use it to mount the windows partition or write directly to its boot record or the mbr?

 

Also isn't Chrome google's future spyware?

 

If the malware executes, shouldn't you be more concerned on what it does on your Linux system itself; more so since it's connected? The damage is already done. So, why worry about the XP partition in particular?

Chrome is the window to Google's services. Default install isn't exactly privacy-friendly but you can change settings and couple it with privacy-control extensions to fit your needs. I would call it sweet revenge.

 

Internet-deprived Windows XP is the only o/s given access to all my data, in a truecrypt container file. Linux malware cannot read this data but it can corrupt the container. Hence the need for robust linux sandboxing.

If only something as good as Shadow Defender existed in linux. Can't trust chrome, sorry. What are other user-friendly options for ubuntu and its derivatives? All partitions must be made non-persistent.

 

I think you're hypothesizing an extremely unlikely scenario here, but I could be wrong.

Why not just apply restrictive file permissions to the container using chmod or maybe umask? You could make it read only for yourself and others and change it to less restrictive read/write for yourself when required. There might be a better way, but I'm just trying to come up with ideas here.

 

Actually it's not just automatic malware like viruses that I am concerned with, but malware under the remote control of a human. Not sure why you consider a keylogger extremely unlikely, but thanks, you gave me an idea, maybe the best strategy is to never use su or sudo in linux after accessing the internet, so any keylogger cannot steal the root password and therefore will never be able to mount xp or install boot-time malware.

Or is there linux malware that can bypass the root user and run itself at the next bootup?