Is this a good product to use if you don't trust the VMs you install it on?

I use VMs that I don’t necessarily trust fully. ssdnodes has the ability to run commands in my VMs. Maybe I’ll find some other VMs on lowendbox run by someone shady. Whatever. Is this a bad product to use with these kinds of machines?
ACLs I imagine will work great once machines are not able to retag themselves but I guess that’s going away for the free tier later on. Is there another way to prevent a hacker from using tailscale to make lateral movements in my network? I know on my desktop I can turn on shields up or turn off the ability for people to make incoming connections but if I want to temporarily share my desktop with a friend I’ll have to turn that off.
I guess I also worry that these machines will also be able to use tailscale to discover my email address because I logged in on them or the IPs of my other machines but I don’t think that can really be helped. Maybe if everything was set to use a relay?
Maybe I should make an account for each VM and share computers between them? That wouldn’t be considered an abuse would it?

Hi, the plan is for ACLs (at least ACL tags) to become available in the free tier, although admittedly our pricing page currently says the opposite. You shouldn’t worry about applying ACLs in the free tier.

You’re correct that you do have the re-tagging problem. We need to fix that before it’s fully secure. This won’t affect pricing though.

2 Likes

sweet. That lets me install this onto all these crazy VMs to my heart’s content. Thanks!