Add-on: I checked the sources provided at https://download.virtualbox.org/virtualbox/6.1.22/ and I think the responsible code snippet is in VirtualBox-6.1.22/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
```
$ cat -n VirtualBox-6.1.22/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp | grep -A 10 2550
2550 /*
2551 * Check that we're root, if we aren't then the installation is butchered.
2552 */
2553 g_uid = getuid();
2554 g_gid = getgid();
2555 if (geteuid() != 0 /* root */)
2556 supR3HardenedFatalMsg("SUPR3HardenedMain", kSupInitOp_RootCheck, VERR_PERMISSION_DENIED,
2557 "Effective UID is not root (euid=%d egid=%d uid=%d gid=%d)",
2558 geteuid(), getegid(), g_uid, g_gid);
2559 #endif /* SUP_HARDENED_SUID */
2560
```
When making a small demo:
```
$ cat a.c
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/types.h>
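/*
 * Demo: print the real and effective user id of the process, then try to
 * open /dev/vboxnetctl read-write.
 *
 * Intended to be run as a normal user, under sudo, and as a root-owned
 * binary with the setuid bit set, to show that the open succeeds only when
 * the effective uid is 0, whatever the real uid is. The setuid bit takes
 * effect only if the filesystem holding the binary is not mounted nosuid.
 *
 * Returns 0 if the device node could be opened, 1 otherwise.
 */
int main(int argc, char **argv)
{
    (void)argc;
    (void)argv;

    /* uid_t is not guaranteed to be int; cast to a type that matches the
     * conversion specifier instead of passing it to %d directly. */
    printf("Real user id: %lu\n", (unsigned long)getuid());
    printf("Effective user id: %lu\n", (unsigned long)geteuid());

    /* With an absolute path, AT_FDCWD makes openat() act like open(). */
    int fd = openat(AT_FDCWD, "/dev/vboxnetctl", O_RDWR);
    if (fd == -1) {
        /* NULL prefix: print only the errno text (e.g. the EPERM message). */
        perror(NULL);
        return 1;
    }

    printf("Opened file.\n");

    /* Nothing is done with the device; release the descriptor explicitly. */
    close(fd);
    return 0;
}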
```
with
```
$ gcc a.c
$ sudo chown root: a.out
$ ls -l a.out
-rwxrwxr-x 1 root root 16312 Jul 30 12:05 a.out
$ ./a.out
Real user id: 1000
Effective user id: 1000
Operation not permitted
$ sudo ./a.out
Real user id: 0
Effective user id: 0
Opened file.
$ sudo chmod u+s a.out
$ ./a.out
Real user id: 1000
Effective user id: 0
Opened file.
```
However, even after giving each and every executable in /usr/lib/virtualbox/* the setuid bit with `chmod u+s`, this error keeps popping up.
The X11 error dialog refers to /usr/lib/virtualbox/VBoxManage, but it seems very resilient to any of my attempts.
BUT: running VBoxManage as root (e.g. `sudo VirtualBox`) works like a charm.