In dual-boot system, can sandboxing prevent one o/s from infecting the other?

Discussion in 'sandboxing & virtualization' started by Ulysses_, Apr 4, 2014.

Thread Status:
Not open for further replies.
  1. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    207
    In a dual-boot system with windows and linux only linux is given internet access. Windows xp is only used offline, and that is enforced by disabling its nic drivers.

    Can some sort of sandboxing prevent malware in linux from affecting the windows partition? Maybe if the linux malware is not aware of Reboot Restore Rx in the windows partition, then it cannot affect windows because any changes it makes are cleared at reboot?

    Maybe full-system sandboxing for linux too? This seems too hard to install and manage, is there any user-friendly software for full-system sandboxing just like Reboot Restore Rx but for linux?
     
    Last edited: Apr 4, 2014
  2. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    I think as long as the Windows partition is unmounted during your linux session, then I don't see how malware could write to it. If you like Chrome/Chromium, you will get exceptional sandboxing with it in Linux.
     
  3. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    207
    Can't malware discover the root password with a key logger and then use it to mount the windows partition or write directly to its boot record or the mbr?
     
  4. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    207
    Also isn't Chrome google's future spyware?
     
  5. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    If the malware executes, shouldn't you be more concerned on what it does on your Linux system itself; more so since it's connected? The damage is already done. So, why worry about the XP partition in particular?

    Chrome is the window to Google's services. Default install isn't exactly privacy-friendly but you can change settings and couple it with privacy-control extensions to fit your needs. I would call it sweet revenge.
     
  6. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    207
    Internet-deprived Windows XP is the only o/s given access to all my data, in a truecrypt container file. Linux malware cannot read this data but it can corrupt the container. Hence the need for robust linux sandboxing.

    If only something as good as Shadow Defender existed in linux. Can't trust chrome, sorry. What are other user-friendly options for ubuntu and its derivatives? All partitions must be made non-persistent.
     
    Last edited: Apr 4, 2014
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    I think you're hypothesizing an extremely unlikely scenario here, but I could be wrong.

    Why not just apply restrictive file permissions to the container using chmod or maybe umask? You could make it read only for yourself and others and change it to less restrictive read/write for yourself when required. There might be a better way, but I'm just trying to come up with ideas here.
     
  8. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    207
    Actually it's not just automatic malware like viruses that I am concerned with, but malware under the remote control of a human. Not sure why you consider a keylogger extremely unlikely, but thanks, you gave me an idea, maybe the best strategy is to never use su or sudo in linux after accessing the internet, so any keylogger cannot steal the root password and therefore will never be able to mount xp or install boot-time malware.

    Or is there linux malware that can bypass the root user and run itself at the next bootup?
     
    Last edited: Apr 5, 2014
Loading...
Thread Status:
Not open for further replies.