A privilege escalation via SCSI pass-through
Posted Jan 6, 2012 10:02 UTC (Fri) by lacos
In reply to: A privilege escalation via SCSI pass-through
Parent article: A privilege escalation via SCSI pass-through
SCSI targets accessible from within a VM would themselves be virtual; for example with storage backed from a file (or partition) on the host machine
That's about the default: virtual disks. However, please look at the title: "SCSI pass-through". The idea is to let the guest use the host's resource directly, with its own driver (strictly restricted to boundaries configured in the host).
What's passed-through is a partition, not a complete disk. So the configuration is correct, the partition is basically dedicated to the guest. But the boundaries (ie. partition, not full drive) are not properly enforced by the host.
Just my two cents.
to post comments)