Re: [vserver] chroot breaking

About this list Date view Thread view Subject view Author view Attachment view

From: klavs klavsen (
Date: Mon Feb 11 2002 - 05:16:00 EST

On Sun, 2002-02-10 at 18:35, Martin Josefsson wrote:
> > My question is, if anyone know or have tried wether or not the chroot
> > functionality of vserver can be broken like this? or does the kernel
> > changes help ensure, this never happens?
> >
> > This just to know how well I should sleep at night, with vserver
> > installed :-)
> The new stuff in the ctx-7 patch fixes all chroot breakouts that I know
> of. the way described in
> is plugged.
ctx-7? isn't the latest release ctx-6? you mean that it will be fixed
once ctx-7 hits the street?

> What I'm talking about is breaking out of a vserver, that should be fixed
> in ctx-7. But if you have a new chroot in a vserver that chroot could be
> broken out of but the attacker would still not be able to get out of the
> vserver.
ok. Thanks. looking forward to getting a secure vserver.

> /Martin
> Never argue with an idiot. They drag you down to their level, then beat you with experience.
I love that quote :-)


Klavs Klavsen

-------------| This mail has been sent to you by: |------------ Klavs Klavsen - OpenSource Consultant -

Get PGP key from - Key ID: 0x586D5BCA Fingerprint = A95E B57B 3CE0 9131 9D15 94DA E1CD 641E 586D 5BCA --------------------[ I believe that... ]----------------------- It is a myth that people resist change. People resist what other people make them do, not what they themselves choose to do... That's why companies that innovate successfully year after year seek their peopl's ideas, let them initiate new projects and encourage more experiments. -- Rosabeth Moss Kanter

About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:00 EDT