Date: Mon 02 Aug 2004 - 09:34:29 BST
On 31 Jul, Paul Sladen wrote:
> There is no security risk to existing vservers. However, when creating a
> vserver using `util-vserver' (...)
As Paul already stated there are problems when creating a new vserver,
but one dangerous line is in the section that is processed during each
vserver start or reboot!
> When posting an unsigned patch ``out-of-the-blue'' it is often useful to say
> a little about what it does. Or perhaps add comments to the patch stating
> what it changes and why
I fully agree with you and I send patches normally to the package
maintainer, but this time it was also an issue to give the sysadmins a
head start before less experienced script kiddies figure out how to
exploit it. While I think most of the people who are running a vserver
somewhere have no interest to render the host system completely
unusable, there are always some who think it's kind of funny, or to cite
Hagrid: There's a weirdo in every breed.
> Once again, thanks for bringing the spaces issue to people's attempt, and
> could you comment on whether the above evaluation is correct?
-- Klaus ter Fehn Wagnerstr. 4 Mobile: +49-172-2529379 40212 Duesseldorf Phone: +49-211-356880 ktf_at_gun.de FRG/Germany Fax: +49-211-356881
... to boldly code where no byte has gone before ... _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver