How can you get a file into a VM without creating a potential malware breach? I was told to kill the internet connection, disable any type of sharing with the host, no copy paste, and no sharing disks, but how would I be able to get the files into the VM if it is secure from both sides? The file in question is about 36GB and there is a second file that is 678MB.

Thank you.

you are viewing a single comment's thread
view the rest of the comments

[–] deadcade@lemmy.deadca.de 2 points 15 hours ago (1 children)

It's not. There's no way to be 100% certain the shared folder daemon on the host has absolutely zero exploits, same thing for the networking stack used for transport. That also includes VM disk I/O, virtual graphics output, and any other communication between guest and host. It'd take some really advanced malware to abuse such exploits, but you're better off minimizing attack surface as much as possible. That means disabling (or removing) every possible form of communication between host and guest, unless absolutely necessary for operation.

[–] Yourname942@lemmy.dbzer0.com 1 points 11 hours ago (2 children)

thank you for the in depth responses. Do you know if it is follish to keep internet on my host when I have the VM have no network connections, or is it highly recommended to kill the internet for both host and VM?

[–] deadcade@lemmy.deadca.de 2 points 11 hours ago

If you're this unsure about running potential malware in a VM, the best method is to just not run it at all.

You should be perfectly fine running with networking on your host, as long as you disable it in the VM configuration before running the potential malware.

[–] frongt@lemmy.zip 1 points 11 hours ago

It is not going to matter. If the malware can escape the VM, it's going to do that regardless of host network access.