Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Keeping Guest Infections from Host via SUBST & ICACLS on Shares

26 Sep 2011   #1

Windows 7 Ultimate 64 bit SP1 x64
 
 
Keeping Guest Infections from Host via SUBST & ICACLS on Shares

I have many uses for a VM, including the taking of risks I avoid on the Host.

I am looking at both VMWare 3.1.4 build-385536 and VirtualBox 4.1.2.r73507

QUESTION 1
Is there any difference in security risks and capability between the use of a conventional shared folder at
G:\2_Way\
or
X:\
where X:\ is the result of the CMD.EXE command
Code:
SUBST X: G:\2_Way\
When running a risk (intentional or otherwise) the host should be protected from malware if I REMEMBER to change the 2_Way folder name to something else BEFORE launching the VM
I prefer to avoid depending on my memory, therefore it will be easier to take no action UNLESS I require 2 way access, in which case a desktop shortcut will run the SUBST command to give access via X:\

QUESTION 2
How can I mitigate the risk if something bad gets in G:\2_Way\ ?
Should I use ICACLS or similar on the 2_WAY folder to prohibit execution ?
I did a few simple things by trial and error with CACLS under XP.

I am new to Windows 7 and ICACLS seems to have more bells and whistles.
I would appreciate being given the CMD.EXE command string for the Host to restrict the contents of
G:\2_Way\

QUESTION 3.
Should I similarly supplement host protection if the Guest is given Read Access to
G:\Read_Only ?
There was a time when I thought files were either write protected or not,
but now there are so many flavours of protection I am bewildered.
e.g. ICACLS lists under "perm"
Quote:
RX - read and execute access
R - read-only access
What sort of Read-Only restriction does the VBOX apply, "R" or "RX"
and does "R" mean that malware can be read and copied but not executed ?

Regards
Alan


My System SpecsSystem Spec
.

Reply

 Keeping Guest Infections from Host via SUBST & ICACLS on Shares




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:28 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33