From: Lars Braeuer (lbraeuer_at_mpex.net)
Date: Mon 04 Nov 2002 - 21:47:52 GMT

• Next message: Justin M Kuntz: "[vserver] moving a vserver to a new machine"
• Previous message: Burak: "Re: [vserver] socket source addresses (was: connect)"
• Next in thread: Klavs Klavsen: "Re: [vserver] break out of the vserver? (if not chmod 000)"
• Reply: Klavs Klavsen: "Re: [vserver] break out of the vserver? (if not chmod 000)"

can anyone tell me how it can be possible for a vserver
admin to break out of the vserver, when the directory
containing the vserver has any other mode than 000 ?

or should the permissions be set for the dir of the actual vserver
(/vserver/x/.) instead of the directory containing the vservers
(/vserver/x/..) ?

**********************************************************
/vservers/x/.. has insecure permissions.
A vserver administrator may be able to visit the root server.
To fix this, do
          chmod 000 /vservers/x/..
do it anytime you want, even if vservers are running.
**********************************************************

lars

• Next message: Justin M Kuntz: "[vserver] moving a vserver to a new machine"
• Previous message: Burak: "Re: [vserver] socket source addresses (was: connect)"
• Next in thread: Klavs Klavsen: "Re: [vserver] break out of the vserver? (if not chmod 000)"
• Reply: Klavs Klavsen: "Re: [vserver] break out of the vserver? (if not chmod 000)"