Since I blogged ThinApp – Licensing Issues – Ethics do not ship with the code I have been thinking about the security aspects of VMware ThinApp and similar virtualization technologies such as Microsoft App-V.
I came up with a set of questions to which I searched for some answers:
- ThinApp creates a self contained application within its Bubble. Is it possible for this Bubble to contain a Virus, RootKit, or Worm that could then infect the system on which it runs?
- ThinApp contains a set of libraries that could be less secure than those on the operating system on which the ThinApp Bubble is running. Can the system libraries override those within the Bubble?
- ThinApp contains a mechanism to update the ThinApp Bubble called AppSync, what is the security surrounding AppSync? Could an attacker include a attack payload within such a download?
In essence could ThinApp be used to subvert existing system security?