So, sometimes I'll use a VM for this purpose. A few months ago I was downloading soundfonts, and some of the soundfonts were only available in a compressed .sfark format needing specific .sfark software to use. Downloading an obscure program from some shareware site from 15 years ago seemed a bit risky, and so I installed this software on a VM just to be safe.
Since the point is to be concerned with safety and security, what is a good way to transfer files to and from the guest VM and host machine?
- VirtualBox's shared folders/network drives/USB connectivity are not a good choice because malware loves these vectors.
- VirtualBox's default way of transferring files, simulating an SMB network drive, also doesn't seem safe.
- Probably same for the shared clipboard feature.
- Logging into an email client on the guest could divulge password information.
- Running an FTP server or web server on the host takes time and introduces an attack surface.
So, my idea is to send the raw file data over a socket, and write a Python script to re-assemble it into a file.
In VirtualBox, I configured bridged networking so that the guest can ping the host but all shared folders/networks are disabled. I install Python on the guest and use scripts to transfer files over a socket by IP address. (To see the guest's IP address, run ipconfig on Windows or ifconfig on Linux.) Type this IP address into the second script below.
First run this script on the host, which I put together from some Stack Overflow answers,
Then, run this script on the guest, after changing the file name and ip address.
To ensure that the data is intact, I can use a quick checksum with SHA512,
The chances of any malware reaching the host machine are low. Only one file is written to a port that is quickly closed, and the file contents are checked with SHA512. I still don't use this to transfer any executable files, but in general I think this is a safer way to copy files from a VM.
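A sketch of the host receiver, guest sender and SHA-512 comparison described above, written for this page as an added example and not the author's original scripts. The function names, the size cap, the peer-address check and the refusal to overwrite an existing file are choices of this example, not details from the post.

```python
import hashlib
import os
import socket

CHUNK = 64 * 1024

def open_listener(bind_ip, port):
    """Host: listen on one specific address (not 0.0.0.0), backlog of 1."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((bind_ip, port))
    srv.listen(1)
    return srv

def receive_one(srv, dest_path, guest_ip, max_bytes, timeout=30.0):
    """Host: accept one connection, stream it to dest_path, return (size, sha512)."""
    srv.settimeout(timeout)
    try:
        conn, peer = srv.accept()
    finally:
        srv.close()                          # port closes after a single accept
    digest, total = hashlib.sha512(), 0
    with conn:
        if peer[0] != guest_ip:              # only the expected guest may send
            raise PermissionError(f"unexpected peer {peer[0]}")
        conn.settimeout(timeout)
        # "xb": the host picks the file name and never overwrites an existing file
        out = open(dest_path, "xb")
        try:
            with out:
                while chunk := conn.recv(CHUNK):
                    total += len(chunk)
                    if total > max_bytes:    # guest cannot fill the host's disk
                        raise ValueError("transfer exceeds size cap")
                    digest.update(chunk)
                    out.write(chunk)
        except Exception:
            os.remove(dest_path)             # drop partial or oversized output
            raise
    return total, digest.hexdigest()

def send_file(host_ip, port, path):
    """Guest: stream the file to the host and return its SHA-512 hex digest."""
    digest = hashlib.sha512()
    with socket.create_connection((host_ip, port), timeout=30) as s, open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            digest.update(chunk)
            s.sendall(chunk)
    return digest.hexdigest()
```

On the host, call `open_listener` and then `receive_one`; on the guest, call `send_file` and compare the two digests by eye. A matching SHA-512 shows the bytes arrived unchanged; it says nothing about whether the file itself is benign.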