The VMware ESX hypervisor could let IT staff steal sensitive data by abusing administrative access, particularly if customers fail to implement role-based access controls, the security vendor BeyondTrust argued last week at VMworld. IT staff with root access to VMware ESX can steal virtual machine disk files and then erase log files and other traces of the illicit activity by manipulating the service console, a Linux-based instance that manages the VMware hypervisor, BeyondTrust says. This could make it easy to steal medical records, financial data, or any other files tied to virtual machines, says Jordan Bean, principal systems engineer for BeyondTrust. Bean provided a demonstration of this type of attack on the VMworld conference exposition floor. But in response, VMware noted that root access to any sort of IT product could let users do malicious things. VMware doesn't have built-in access controls for the service console, but does offer a recommended set of best practices to enable role-based access controls and has partnered with third parties – including BeyondTrust – to track and manage access into virtualized environments.

Name:

Comment:

Title:

Message:

Security

Please input the anti-spam code that you can read in the image.