From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 27 Apr 2005 - 18:13:05 BST
On Wed, Apr 27, 2005 at 06:49:21PM +0200, Oliver Dietz wrote:
> Hi Oliver,
> >>Would you give anyone (that you don't know realy good) root-access to a
> >>(correctly configured) vserver, when the host-system is a sensible
> >>productive system?
> >As there are a lot of companys outside who sell vServer's on their
> >systems I think - yes you can ;)
> ok, that a good point/answer :-))
> >vServer has mulitple securitty features to prevent people from breaking
> >out of a context - I dont know if there is no way, but at least there is
> >no known one at the moment
> I'm trying a few days now to get the infomarions from all the "papers" on
> linux-vserver.org together ... but it's realy hard to find the "red line"
> through all that ... so i'm not realy sure if i've done all correct and if
> my vserver is secure (i'm no real linux-inside) isolated ...
> Is there a tool (like testme.sh) that tests the common (maybe also
> uncommon) possibilities of misconfigurations (like the capabilities and
> chroot-exploids) from inside the VServer?
not yet, but sounds like something useful to me ...
> Vserver mailing list
Vserver mailing list