Re: [vserver] Are bind mounts to outside the /vserver base a security risk?

From: Johan <>
Date: Mon 19 Nov 2007 - 16:41:54 GMT
Message-ID: <>

Hi Ed,

Quoting Ed W <>:

> If I have my chroot barrier set on /vserver and then bind mount (for
> some reason) something from /var/xxx into a vserver, does this then
> offer an (accidental) way to break out of the chroot using some kind of
> ".." attack on the bind mount?

I don't think mounting another device poses a big _additional_ security risk.

But, if you are concerned about breaking out of virtual hosts, than
you probably have other worries, as virtual servers are not meant for
security purposes.

Best regards,

Received on Mon Nov 19 16:42:39 2007

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Mon 19 Nov 2007 - 16:42:46 GMT by hypermail 2.1.8