About this list Date view Thread view Subject view Author view Attachment view

From: ktf_at_gun.de
Date: Mon 02 Aug 2004 - 09:34:29 BST

On 31 Jul, Paul Sladen wrote:
> There is no security risk to existing vservers. However, when creating a
> vserver using `util-vserver' (...)

As Paul already stated there are problems when creating a new vserver,
but one dangerous line is in the section that is processed during each
vserver start or reboot!

> When posting an unsigned patch ``out-of-the-blue'' it is often useful to say
> a little about what it does. Or perhaps add comments to the patch stating
> what it changes and why

I fully agree with you and I send patches normally to the package
maintainer, but this time it was also an issue to give the sysadmins a
head start before less experienced script kiddies figure out how to
exploit it. While I think most of the people who are running a vserver
somewhere have no interest to render the host system completely
unusable, there are always some who think it's kind of funny, or to cite
Hagrid: There's a weirdo in every breed.

> Once again, thanks for bringing the spaces issue to people's attempt, and
> could you comment on whether the above evaluation is correct?

   Klaus ter Fehn          Wagnerstr. 4    Mobile: +49-172-2529379
                     40212 Duesseldorf     Phone:  +49-211-356880
     ktf_at_gun.de            FRG/Germany     Fax:    +49-211-356881

... to boldly code where no byte has gone before ... _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Mon 02 Aug 2004 - 09:34:42 BST by hypermail 2.1.3