About this list Date view Thread view Subject view Author view Attachment view

From: Michael Hilscher (mail_at_msh-webservice.de)
Date: Sun 08 Feb 2004 - 23:27:25 GMT


Hallo,

i tried to upgrade my vserver installation from an 'ancient' 2.4.20 ctx
16 up to
2.4.24, 1.26, 0.28 (Tested with Debian Woody and SuSE 8.1).

On my Testserver I found out, that the root-exploit is still working -
aswell on updated old system (synced of productive server) and clean
(means fresh installed) suse 8.1 system! Is there an special patch i
need for vs1.26?

I found also that the vserver build script of 0.28 problems with debian:
Everytime i try to start sshd i get the error: sshdPRNG is not seeded.

BTW: is ctx16 vulnerable by any vserver root-exploit? Actually, I'm
quite happy with my expensive patched 2.4.20 - so i would prefer to
patch ctx16 if possible. Maybe there is another workaround: Did anybody
tried to secure vserver via systrace alredy? I think I'm going to test
this tomorrow.

greetinXs,
Michael Hilscher

--
Would Mozart have been more productive if he had scribes to help him, a
secretary and a CEO to lead his way? -- Linus Torvalds

_______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 08 Feb 2004 - 23:32:05 GMT by hypermail 2.1.3