From: Alex Lyashkov (shadow_at_psoft.net)
Date: Fri 27 Jun 2003 - 11:38:31 BST
> > >
> > > hrm, this is _not_ a bug ...
> > >
> > > you change the hostname by specifying S_HOSTNAME=<name>
> > > in the /etc/vservers/<name>.conf file ...
> > I think bug. set hostname/domain name have not security
> > compromising, but more correctly work.
> I do not agreer. The hostname should not be
> modified from inside a virtual server ...
> IMHO this is a name given from the physical
> admin to identify the virtual server ...
Imho hostmaine is _not_ for identify virtual server this is real hostname.
Cris write about it.
This identical "hostname by specifying in /etc/vservers/<name>.conf file" and
"hostname by specifying in /etc/sysconfig/network"
and but last hostname set from (not running under VPS) rc.sysinit.
And for change i don`t restart VPS.
> but I guess this isn't really a security
> issue, or am I wrong?
> > I think after move context process limits from task
> > limits struct to context struct can add CAP_SYS_RESOURCE
> > in vserver config file, and disable use it only for
> > file systems.
> hmm, and what about ...
> - Allow more than 64hz interrupts from the real-time clock
it`s critical ? i think not.
> - Override max number of consoles on console allocation
> - Override max number of keymaps
it's for real console and not for pts, and real console not used inside vps.
I wrong ?
-- With best regards, Alex