0

I would like to know if there is any way to ensure security of the host machine while hosting potentially malicious virtual machines. The host machine should never crash or be compromised no matter what the virtual machine does - is this possible if configured correctly?

Shravan S
  • 3
  • 1

2 Answers

4

Let me formulate it in another way: if a malicious VM crashes the host, the VM infrastructure is garbage and has a security hole. It is not possible, it is a CORE function of a VM infrastructure to handle this.

TomTom
  • 50,857
  • 7
  • 52
  • 134
  • So if it's configured well by experts - it's not possible? I know that a Docker container can crash the host system and there is nothing you can do to stop it – Shravan S Oct 18 '20 at 14:56
  • @ShravanS You didn't ask about Docker, and those aren't virtual machines. It also doesn't require an expert to configure. It requires experts to develop the software. And that's what they did. – Michael Hampton Oct 18 '20 at 16:06
  • Yeah. The whole concept of Docker is NOT to have a full virtual machine. This does come with specific costs and issues - but gains huge memory savings. This question is per question not about Docker, as Docker is not making VMs. – TomTom Oct 18 '20 at 18:31
1

Never say never. Not possible for general-purpose operating systems + hypervisor + hardware to never affect the host. Like any software, complexity means it is going to have flaws, and rarely those are virtual machine escapes or denial of service.

Guest affecting host is a very bad problem, although fortunately rare. The platforms have a strong incentive to fix it; they sell VMs as a stable and secure way to partition compute. Maintaining your systems with updates is the first defense. Modern software has exploit mitigation features and has patched known flaws.

Mitigating problems that might happen anyway calls for a business continuity plan, as always. Be able to restart instances on different hosts. Test backup restore, enabling a rebuild if necessary.

As a part of strategic planning, think about your platform choices. Several hypervisors exist (Hyper-V, KVM, VMware, PowerVM, bare metal, experimental microkernels), some of which can run on various CPU architectures (ARM, POWER, x86). Most exploits are platform specific. Diversity of implementations means you have options should one feel insecure or legacy. Admittedly, switching platforms is expensive.

John Mahowald
  • 30,009
  • 1
  • 17
  • 32
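A host-side check in the spirit of the answer above (keep the host patched and its mitigations on), added here as an example and not part of the original answer: it reads the Linux kernel's per-flaw status files under /sys/devices/system/cpu/vulnerabilities/ on a KVM host and reports flaws that are unmitigated, or only partially mitigated while SMT is enabled. The status lines in SAMPLE_STATUS are constructed in the kernel's format, not taken from a real host.

```python
"""Audit a Linux/KVM host's CPU vulnerability mitigation status.

Each file under the sysfs directory holds one line that begins with
"Not affected", "Mitigation: ..." or "Vulnerable...". The suffix
"SMT vulnerable" means the fix is only partial while hyper-threading
is on, which matters when guests share cores with the host.
"""
import os
import tempfile

SYSFS_VULN_DIR = "/sys/devices/system/cpu/vulnerabilities"

# Constructed sample in the kernel's format (not captured from a real host).
SAMPLE_STATUS = {
    "meltdown": "Not affected",
    "spectre_v2": "Mitigation: Retpolines; IBPB: conditional; STIBP: disabled",
    "l1tf": "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable",
    "mds": "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable",
}


def classify(status):
    """Map each flaw's status line to 'ok', 'partial' or 'unmitigated'."""
    result = {}
    for name, line in status.items():
        line = line.strip()
        if line.startswith("Vulnerable"):
            result[name] = "unmitigated"
        elif "SMT vulnerable" in line:
            result[name] = "partial"  # mitigated, but sibling threads still leak
        else:
            result[name] = "ok"  # "Not affected" or a full mitigation
    return result


def read_status(sysfs_dir=SYSFS_VULN_DIR):
    """Read every status file in the sysfs directory into a dict."""
    status = {}
    for name in sorted(os.listdir(sysfs_dir)):
        with open(os.path.join(sysfs_dir, name)) as fh:
            status[name] = fh.read()
    return status


def findings(status):
    """Return the flaws that need attention, unmitigated ones first."""
    classes = classify(status)
    rank = {"unmitigated": 0, "partial": 1}
    return sorted((n for n, c in classes.items() if c != "ok"),
                  key=lambda n: (rank[classes[n]], n))


def demo():
    """Write the constructed sample into a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, line in SAMPLE_STATUS.items():
            with open(os.path.join(tmp, name), "w") as fh:
                fh.write(line + "\n")
        return findings(read_status(tmp))
```

On a real host, run `findings(read_status())`; an empty list means every listed flaw is either not applicable or fully mitigated.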