doc/manual/en_US/dita/topics/diskencryption-limitations.dita


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
<topic xml:lang="en-us" id="diskencryption-limitations">
  <title>Limitations of Disk Encryption</title>
  
  <body>
    <p>
        There are some limitations the user needs to be aware of when
        using this feature:
      </p>
    <ul>
      <li>
        <p>
            This feature is part of the Oracle VM VirtualBox Extension Pack,
            which needs to be installed. Otherwise disk encryption is
            unavailable.
          </p>
      </li>
      <li>
        <p>
            Since encryption works only on the stored user data, it is
            currently not possible to check for metadata integrity of
            the disk image. Attackers might destroy data by removing or
            changing blocks of data in the image or change metadata
            items such as the disk size.
          </p>
      </li>
      <li>
        <p>
            Exporting appliances which contain encrypted disk images is
            not possible because the OVF specification does not support
            this. All images are therefore decrypted during export.
          </p>
      </li>
      <li>
        <p>
            The DEK is kept in memory while the VM is running to be able
            to decrypt data read and encrypt data written by the guest.
            While this should be obvious the user needs to be aware of
            this because an attacker might be able to extract the key on
            a compromised host and decrypt the data.
          </p>
      </li>
      <li>
        <p>
            When encrypting or decrypting the images, the password is
            passed in clear text using the Oracle VM VirtualBox API. This
            needs to be kept in mind, especially when using third party
            API clients which make use of the webservice where the
            password might be transmitted over the network. The use of
            HTTPS is mandatory in such a case.
          </p>
      </li>
      <li>
        <p>
            Encrypting images with differencing images is only possible
            if there are no snapshots or a linear chain of snapshots.
            This limitation may be addressed in a future Oracle VM VirtualBox
            version.
          </p>
      </li>
      <li>
        <p>
            The disk encryption feature can protect the content of the
            disks configured for a VM only. It does not cover any other
            data related to a VM, including saved state or the
            configuration file itself.
          </p>
      </li>
    </ul>
  </body>
  
</topic>