In high-security environments, you can disable certain components to minimize the risk that an attacker can use the host guest file system (HGFS) to transfer files inside the guest operating system.

Modifying the parameters described in this section affects only the Shared Folders feature and does not affect the HGFS server running as part of tools in the guest virtual machines. Also, these parameters do not affect the auto-upgrade and VIX commands that use the tools' file transfers.

Procedure

  1. Log in to a vCenter Server system using the vSphere Web Client and find the virtual machine.
    1. In the Navigator, select VMs and Templates.
    2. Find the virtual machine in the hierarchy.
  2. Right-click the virtual machine and click Edit Settings.
  3. Select VM Options.
  4. Click Advanced and click Edit Configuration.
  5. Verify that the isolation.tools.hgfsServerSet.disable parameter is set to TRUE.
    A setting of TRUE prevents the VMX process from receiving a notification from each tool's service, daemon, or upgrader processes of its HGFS server capability.
  6. (Optional) Verify that the isolation.tools.hgfs.disable parameter is set to TRUE.
    A setting of TRUE disables the unused VMware Shared Folders feature for sharing host files to the virtual machine.