About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Sun 21 Mar 2004 - 20:41:39 GMT


On Sat, Mar 20, 2004 at 01:15:56PM -0500, Gregory (Grisha) Trubetskoy wrote:
>
>
> On Sat, 20 Mar 2004, Enrico Scholz wrote:
>
> > There you have a 'vprocunhide' (init)script which unhides some files;
> > the current list is available at
> >
> > http://savannah.nongnu.org/cgi-bin/viewcvs/util-vserver/util-vserver/distrib/misc/vprocunhide-files?rev=HEAD
>
> Would you consider this a pretty safe list of things to be visible in
> a vserver?

did a quick, first impression classification on those
entries, so it is a start, but nothing final, and YMMV

/proc/net/ (C)
-/proc/net/rpc/ (D)
/proc/sys/ (C)
-/proc/sys/debug/ (D)
-/proc/sys/dev/ (D)
/proc/sysvipc/ (C)
/proc/tty/ (C)
/proc/cmdline (B)
/proc/cpuinfo (A)
/proc/crypto (A)
/proc/devices (B)
/proc/execdomains (B)
/proc/filesystems (B)
/proc/interrupts (B)
/proc/iomem (B)
/proc/ioports (B)
/proc/kcore (D)
/proc/kmsg (C)
/proc/ksyms (C)
/proc/loadavg (A)
/proc/locks (B)
/proc/meminfo (A)
/proc/misc (B)
/proc/modules (B)
/proc/pci (C)
/proc/slabinfo (A)
/proc/stat (A)
/proc/swaps (B)
/proc/uptime (A)
/proc/version (B)

(A) ... useful on vservers (maybe even required)
(B) ... not required, leaks host info
(C) ... critical, might pose a security risk
(D) ... dangerous, might be used for DoS

HTH,
Herbert

> Grisha
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 21 Mar 2004 - 20:42:53 GMT by hypermail 2.1.3