From: Jeff D. <jd...@ka...> - 2003-05-04 19:58:08

da...@ee... said:
> It also *appears* that proper poking of the guest address space might
> be able to execute any system call, really.

If you can get your code into the UML kernel, then you can do whatever you want on the host, subject to host restrictions (i.e. you have the permissions of the user running UML on the host, if UML is in a host chroot, you don't get to see files outside the chroot, etc).

So, if you're interested in securing UML, you disable modules and hostfs, and run it in skas mode, among other things.

> Again in SKAS mode, reading something like /dev/kmem results in:
> Kernel panic: region_pa : no region for virtual address

This is a generic kernel bug. I haven't got around to fixing it, but it looks pretty simple to me.

Jeff