Virtualbox guest additions: enable by default the display management service
Originally created by Tails on #5730 (Redmine)
When running tails as a Virtualbox guest, the display management service is disabled by default. Thus the "auto-resize guest display" option in Virtualbox doesn’t work. It can be enabled by the following command:
sudo VBoxClient —display
This could be made default if there is no security risk involved.
/etc/X11/Xsession.d/98vboxadd-xclientalready tries to start this service, but fails:Failed to connect to the VirtualBox kernel servicein~/.xsession-errors. Giving the default user read/write access to/dev/vboxuserallows her to runVBoxClient --displaywithout being root.The
virtualbox-guest-dkmsDebian package ships the udev rules that should fix these permissions, but we intentionally remove this package at build time after having built the modules.One should change
config/chroot_local-hooks/50-virtualboxto duplicate the udev rules file installed byvirtualbox-guest-dkms.I’m not convinced we want to do this. First, auto-resize guest display results in super weird resolutions that are essentially unique identifiers. The only application I’m aware of leaking the resolution is Iceweasel. Torbutton does stuff here which maybe is good enough (setting desktop resolution to window size rounded to multiples of 50, I believe). OTOH a VirtualBox host with guest additions installed has a pretty ok selection of resolutions, and user-set resolutions will be remembered and re-set by the guest additions. Isn’t that good enough?
Second, if we give the amnesia user permission to
/dev/vboxuserit can also enable clipboard sharing at will. Of course, since the amnesia user is a passwordless sudoer it currently can do that any way, but when tails-greeter is released it won’t. Tthe default when creating a VirtualBox appliance is bi-directional clipboard sharing, and hence a compromised Tails session results in the Tails session always having access to the host’s clipboard. The user could of course disable clipboard sharing in the VirtualBox guest appliance settings when not needed, but I don’t expect users to think about this.Conslusion: If we think auto-resizing is important and safe, we should enable it by default without giving the user access to
/dev/vboxuser. I suppose we could also activate clipboard sharing, but only in the Tails -> host direction.Until someone gives us convincing arguments for the above this bug is marked wontfix => .
Feature Branch: feature/5730-enable-virtualbox-guest-additions
Related issues
- Related to #7728 (closed)