Knowledge Base
Search the Knowledge Base: |
Search the Knowledge Base: |
Security Response to BugTraq 327064: Privilege Escalation on the Host when Running VMware Workstation 4.x
Details
Solution
Users can escalete their privileges on a system running VMware Workstation 4.0 for Linux. This is done by manipulating symbolic links in a world-writable directory such as /tmp.
On a Linux host, if the TMPDIR environment variable is not specified, VMware Workstation attempts to use /tmp by default. Typically, /tmp is not secure.
Workaround:
The best way to work around this problem is to write the VMware temporary files into a secure directory. To do this, first use the TMPDIR variable to define a temporary directory on your system, as detailed in our Knowledgebase:
www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=844.
Note: After specifying a new TMPDIR variable, make sure that the directory you have created to store temporary files has OWNER permissions only.
Solution:
The escalation of privileges problem is resolved in VMware Workstation 4.0.1, a free update for all licensed users of VMware Workstation 4. To download the update, go to www.vmware.com/download/.
The change recommended in the Workaround section of this article is good practice in environments where security is important, even after the update to version 4.0.1.
Keywords
- KB Article: 1019
- Updated: Aug 14, 2009
- Products:
VMware Workstation - Product Versions:
VMware Workstation 4.x (Linux)