6.1. General Security Principles

The following principles are fundamental to using any application securely.

  • Keep software up to date. One of the principles of good security practise is to keep all software versions and patches up to date. Activate the Oracle VM VirtualBox update notification to get notified when a new Oracle VM VirtualBox release is available. When updating Oracle VM VirtualBox, do not forget to update the Guest Additions. Keep the host operating system as well as the guest operating system up to date.

  • Restrict network access to critical services. Use proper means, for instance a firewall, to protect your computer and your guests from accesses from the outside. Choosing the proper networking mode for VMs helps to separate host networking from the guest and vice versa.

  • Follow the principle of least privilege. The principle of least privilege states that users should be given the least amount of privilege necessary to perform their jobs. Always execute Oracle VM VirtualBox as a regular user. We strongly discourage anyone from executing Oracle VM VirtualBox with system privileges.

    Choose restrictive permissions when creating configuration files, for instance when creating /etc/default/virtualbox, see Automatic Installation Options. Mode 0600 is preferred.

  • Monitor system activity. System security builds on three pillars: good security protocols, proper system configuration and system monitoring. Auditing and reviewing audit records address the third requirement. Each component within a system has some degree of monitoring capability. Follow audit advice in this document and regularly monitor audit records.

  • Keep up to date on latest security information. Oracle continually improves its software and documentation. Check this note yearly for revisions.