VMWare Security Questions

[snekul]

Hi everyone,

I've installed VMWare Workstation 4.5.2 just a week ago and noticed some interesting things. First of all, it creates a new user and group on the local machine named __vmware__ and in the local security policy it gave that user rights to log on locally. I searched the forums, google, and the help file, and couldn't seem to find anything relevant. Does anyone have any idea if this should be regarded as a security risk? Furthermore, why does VMware even need to create these? Is this so limited users can run the program without hassle? Just seemed a little odd to me, VMWare is definately a program that adds a lot of stuff to the computer. Thanks.

[Westmont]

Hi everyone,

I met the same situation in GSX Server 3.10.

No information at all at VMWare regarding user and group created during set up.

I tried to use this account to run a virtual machine, as I did not know the user password (he had one set), I changed the password and flag options to make it permanent. After that I can run the virtual machine. But each time the host OS was restarted, the __vmware_user__ account was reset to another password .

Does it means that VMWare Inc knows at least one user password on each machine running VMWare product over the world ?

Can someone put some light inside this blackhole ?

This will be really appreciated. Thanks.