VM Sandboxing Data

In previous posts, VirtualBox sandbox creation was covered. VM exporting and importing were also covered as a way to migrate to new hosts. In this post I’ll be covering how to work with sandbox data. The data on a sandbox more often than not needs to remain isolated from other systems. This is a challenge when data needs to be placed on or retrieved from the sandbox. There are a few ways to do this, which we will cover here.

VirtualBox sandbox systems provide the following resources that can be used to transfer data: disk drives, CD images, host shares, network connections, USB storage, and drag and drop. The point of a sandbox is to segment it away from other environments, and this includes the VirtualBox host that the sandboxed VMs run on. The following points out some of the benefits and limits of each method.

Disk drives on VMs can be mounted by secondary VMs. This method of data transfer will keep the sandbox isolated; however, the sandbox must remain offline while the secondary VM accesses the disk drive. No two VMs can simultaneously access the same disk drive. So disk drive data transfer satisfies the isolation requirement, but availability is limited because of the access limits.

CD images can be used to transfer data to sandbox VMs; however, these are read-only devices. If the only requirement is to get data to a sandbox, then this might be the best method. It provides sandbox isolation and availability. However, the CD image will need to be created, and this can be time-consuming.

Host shares in VirtualBox will provide VMs a virtual network resource that resides on the host. Although this is not true isolation, it does provide a limit on read and write access to that data. This method provides both good availability and response, but it does not isolate the data from the host. Guest additions will need to be installed on the VM to support this feature.

Network connections can be used with some considerations put in place. To keep the sandbox isolated from the host, a separate network interface should be used. Host systems with multiple network adapters should be able to accommodate sandbox VMs that will connect to sandbox networks. The VirtualBox host network adapter that will be used by the sandbox should not be bound to the host. The point of isolation is to keep the two from communicating with each other. VirtualBox will support wired network adapters more seamlessly than wireless ones. Binding a wireless adapter to a VM will take more steps to accomplish, so I don’t recommend it for those new to VirtualBox.

USB storage can allow a sandbox to read and write data to storage without the need for going offline. However, the VirtualBox host will also have access to the storage. Another issue with USB storage on a VirtualBox VM is the need for additional steps to support this method.

Finally, VirtualBox supports a method called drag and drop. Again, additional steps will be needed so that this will be available to the VM. Guest additions will need to be installed on the VM to support this feature. Once enabled, the direction of a drag and drop function can be set to go either in one direction or back and forth.

I won’t demonstrate any of these methods here; refer to the VirtualBox help for more information. Once a sandbox VM is running, snapshots are a great way to undo any trouble caused when one of these methods goes wrong. I would suggest using clones and snapshots to have ways to back out of a problem. As always, test before you use.
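To see which of the host-facing channels described above are actually open on a VM, the following added example (not from the original post) audits the text produced by `VBoxManage showvminfo <vm> --machinereadable`. The key names follow that output as I know it and should be treated as an assumption that may vary between VirtualBox versions; the sample VM, adapter names and paths are constructed.

```python
import re

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output.
SAMPLE = '''\
name="sandbox01"
nic1="bridged"
bridgeadapter1="eth1"
nic2="hostonly"
hostonlyadapter2="vboxnet0"
nic3="none"
draganddrop="bidirectional"
usb="on"
ehci="off"
SharedFolderNameMachineMapping1="dropbox"
SharedFolderPathMachineMapping1="/srv/sandbox-share"
"SATA-0-0"="/vms/sandbox01/disk.vdi"
'''

def parse(text):
    """Turn key="value" lines into a dict; keys may themselves be quoted."""
    info = {}
    for line in text.splitlines():
        m = re.match(r'^"?([^"=]+)"?="?(.*?)"?$', line.strip())
        if m:
            info[m.group(1)] = m.group(2)
    return info

def audit(info):
    """Return (channel, detail) findings for data paths that involve the host."""
    findings = []
    for key, val in sorted(info.items()):
        if key.startswith("SharedFolderNameMachineMapping"):
            n = key[len("SharedFolderNameMachineMapping"):]
            path = info.get("SharedFolderPathMachineMapping" + n, "?")
            findings.append(("host share", f"{val} -> {path}"))
        elif re.fullmatch(r"nic\d+", key) and val in ("nat", "hostonly"):
            findings.append(("network", f"{key} is {val}: traffic touches the host"))
        elif re.fullmatch(r"nic\d+", key) and val == "bridged":
            adapter = info.get("bridgeadapter" + key[3:], "?")
            findings.append(("network", f"{key} on {adapter}: confirm host is unbound"))
        elif key in ("usb", "ehci", "xhci") and val == "on":
            findings.append(("usb", f"{key} controller enabled"))
        elif key == "draganddrop" and val != "disabled":
            findings.append(("drag and drop", val))
    return findings

if __name__ == "__main__":
    for channel, detail in audit(parse(SAMPLE)):
        print(f"[{channel}] {detail}")
```

An empty result means none of these channels is configured; disk and CD image attachments are not flagged because they do not give the running sandbox a live path to the host.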

I hope you have found this helpful and it at least points you in a direction that will take you further in your sandboxing efforts. Thank you again for joining along and I hope you will stop by again.
