From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Mon 22 Dec 2003 - 22:48:08 GMT
On Mon, Dec 22, 2003 at 08:35:36PM -0000, Luís Miguel Silva wrote:
> Hello all,
>
> I know the do_brk vulnerability is "a thing of the past" but, I just
> tried out the exploit on one of my vservers just to see what happened.
[exploit attempt censored ;]
> And now for a developer question: is a local kernel root exploit able
> to break the vserver environment?
depends on the kind of exploit ...
approaches modifying kernel structures could
be used to 'escape' the context, thus gaining
host administator powers ...
> If a normal user was to successfully exploit a vserver with a local
> exploit would he:
assumed that the user uses an exploit tool which
works on a 'normal' machine, he probably will gain
root on the vserver, if he adapts this, and manages
to modify task/context structures, he will become
root on the host ...
> a) be root on the vserver?
>
> b) Be root on the root server?
>
> c) None of the above.
> Aliens would invade earth and it would
> rain chocolate candy...heh
that's my favorite, so I'll go for c)
merry xmas,
Herbert
> Best,
>
> +-------------------------------------------
>
> | Luís Miguel Silva
>
> | Network Administrator@ ISPGaya.pt
>
> | Rua António Rodrigues da Rocha, 291/341
>
> | Sto. Ovídio o 4400-025 V. N. de Gaia
>
> | Portugal
>
> | T: +351 22 3745730/3/5 F: +351 22 3745738
>
> | G: +351 93 6371253 E: lms_at_ispgaya.pt
>
> | H: http://lms.ispgaya.pt/
>
> +-------------------------------------------
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver