I've been asked to look into getting VIX API disabled on a VMware esx environments, as it's seen to be a security risk.
"An attacker could leverage this API to execute unauthorized scripts within a guest OS"
So I've three questions here...
1.If there is a way to disable the VIX API on the guest machines, what functionally will be lost? i.e snapshots/DR/migration.
2. How do we disable it, is this part of VMware tools install on the guests?
3. Is it a good or bad idea to do?
I've had a good look around the forums, it suggest that the VIX API is for developer/sys admin scripting but I still not confident that doing this won't impact if removed.
