Give VPC internet access without being able to access host's drives?

VM=virtual machine

Most VMs by default do not allow it to touch or see the hosts files or drives. (Kind of the whole point of a virtual machine.) This is something you would actually have to tell it to do.

Vmware player by default won't allow the VM to see the host drive. You would have to go into unity settings and enable it.

In addition, inside the vm you could set it up with a guest account or a limited user account for more lockdown. You could even run the virtual machine inside a guest account in windows, thus even if a breach occurred, it could not access the critical areas of the drive.

Example: If its a kiosk being used by multiple people I would do the following:
Host OS-guest account. Virtual machine-Run in guest account.
If a few users-limited account for host-limited account for VM.

Thanks usernameissues, I cannot believe I forgot to include that.

Wow, I really can't believe I forgot to mention that....

Thanks :)

Just like He stated above, VMS can have snapshots and be easily restored to before a user even touched it. Making it very secure as well. You could even use Windows 7 previous versions feature on the actual vm file rolling it back as another way of doing this.

@Jennifer1 You are very welcome. Please post back here should you have any more questions at all.
Happy to help. If you want more advice or anything let me know in this thread.

andrew129260 said:

VM=virtual machine

Most VMs by default do not allow it to touch or see the hosts files or drives. (Kind of the whole point of a virtual machine.) This is something you would actually have to tell it to do.

By default, most virtual machines allow guest machines to see the host.

To say that the whole point of a virtual machine is that it can't connect to host is one of the strangest things I have seen posted here at the Seven Forums, and very much untrue. In most cases virtual machines are especially meant to be part of an existing network. As the OP asks about a specific virtualization platform, Microsoft Windows Virtual PC, the XP Mode (designed for Virtual PC) is a good example: by default it is totally integrated into the host system allowing full access to its drives and devices (kind of the whole point, using your words), its main function being to offer a possibility to run legacy software or use legacy devices which would not be possible on Seven.

andrew129260 said:

You could even run the virtual machine inside a guest account in windows, thus even if a breach occurred, it could not access the critical areas of the drive.

Example: If its a kiosk being used by multiple people I would do the following:
Host OS-guest account. Virtual machine-Run in guest account.
If a few users-limited account for host-limited account for VM.

First, if a vm user accessing host system is an issue, then using guest account is not an answer. It is simply too easy for the user to work around the restrictions of a guest account.

Secondly, as the OP asked about the Virtual PC, if you decide to use Guest account of the host to access your virtual machines and your desired guest system is Windows XP, remember that you cannot use the free Windows XP Mode as Guest account has no access to XP Mode on host giving an Access Denied message if it is tried to launch:

In this case you need to install XP on a vm from your own install media, being logged in to host Guest account.

The easiest way to do what OP is asking is a three step procedure:

1. Disable all sharing on host
2. Set vm to belong a different workgroup than host
3. Disable integration features on Virtual PC settings, either completely or at least for host drives:
   
   
   (Screenshot from XP Mode settings. Virtual PC settings for all virtual machines are and look exactly the same.)

Point 3 above is alone enough in most cases, points 1 & 2 are for added security. However, as users (including Guest) can change these vm settings, it's quite easy to work around any restrictions.

Kari

@ kari

Really? Maybe its because I use vmware player. But I know in vmware player its separate from the host. I have to force it from vmware player to see the hosts drives, or specifically set it up that way.

I do know about virtual pc and xp mode, I do understand its meant to share drives and everything as xp mode integrates applications within seven.

While xp mode is technically a virtual machine, (it is) I do not see it that way. XP mode is more of a program that links to a VM which allows applications to integrate into seven using a virtual machine. It is a virtual machine, but its not at the same time. I think of a virtual machine as being a completely separate environment OS running without being hooked up to the host files directaly unless given permission or set up to do so. That's my definition and use of a virtual machine.

My statement was on vmware player. I don't see anywhere the user speccifying them using xp mode. They wanted to use a virtual machine, so i suggested vmware player and spoke about it. I was not making this statement about all VMS

I know and understand you will have to specify for some vm's that you need to have them separated from the host. Some of them by default do allow them to be connected to host.

In vmware player you must install vmware tools in order to even then set up or allow access to the host drives.

When reading up on VMs I get this information:

System virtual machines[edit]

System virtual machine advantages:
multiple OS environments can co-exist on the same computer, in strong isolation from each other
the virtual machine can provide an instruction set architecture (ISA) that is somewhat different from that of the real machine
application provisioning, maintenance, high availability and disaster recovery[3]
The main disadvantages of VMs are:
a virtual machine is less efficient than a real machine when it accesses the hardware indirectly
when multiple VMs are concurrently running on the same physical host, each VM may exhibit a varying and unstable performance (Speed of Execution, and not results), which highly depends on the workload imposed on the system by other VMs, unless proper techniques are used for temporal isolation among virtual machines.

http://searchservervirtualization.te...irtual-machine

http://pubs.vmware.com/vsphere-4-esx..._machines.html

http://www.forensicfocus.com/downloa...s-analysis.pdf


Not trying to have a debate, but I would love more information. If I am completely wrong, great. Please send me some links you come across.

UsernameIssues said:

It does not sound like VPC is the way to go for this OP.

.....

That is what I was saying in my original comment. Xp mode is way different compared to a standard Virtual Machine. XP mode is nothing like a true VM

andrew129260 said:

UsernameIssues said:

It does not sound like VPC is the way to go for this OP.

.....

That is what I was saying in my original comment. Xp mode is way different compared to a standard Virtual Machine. XP mode is nothing like a true VM

Honestly, somehow I was no longer surprised to read this comment.

Windows XP Mode is a full-blooded, standard virtual machine "for Windows Virtual PC containing a pre-installed, licensed copy of Windows XP Professional with Service Pack 3 as its guest OS" (source). It is in no way different than any other downloadable virtual disk (virtual appliance) containing a pre-installed operating system like for instance those pre-installed vhd's you can download to VirtualBox (VirtualBox Virtual Appliances | VirtualBoxImages.com).

XP Mode is not "way different compared to standard virtual machine". It is exactly the same than Windows XP installed to a vm from user's own install media, the only difference being it is pre-installed to a vhd compatible with Microsoft Virtual PC.

As the Windows XP Mode can easily be ported for instance to VMware, I am really wondering what you think would be the difference if let's say you have an XP vm installed from your own install media on VMware and that's according to you a "standard" vm, then you import the XP Mode to the same VMware and it's not standard?

For the OP: As I do not know about which OS you want to use on a Virtual PC guest, and as the Virtual PC is the virtualization software you were asking about, I just used XP Mode as an example on how a Virtual PC vm works. My answer is however valid whatever guest you want to install on Virtual PC, for the Windows XP Mode is really a standard Virtual PC vm, behaving exactly the same way as any other guest OS you install on Virtual PC, be it another XP from own install media, Seven or Vista or whatever.

Kari