On Monday 07 February 2005 16:20, Dominik Hirt wrote:
> Hi Paolo
> I run a little provider for umls in Switzerland.
> I've read on your page about security problems.
> Will you provide more infos on the web page?
There are already (please explore the site), and they are fixed inside
2.6.9-bs6; the web-site also explains the usual good things to do for a
public setup (runs UMLs as unprivileged users inside a chroot).
Also, the security fixes I talk about matter in a limited way - for UML's
design, the root user can insert a module which does anything needed on the
host (as the user running UML, of course).
That's exactly how the "hostfs" module works. The security problems would
allow an *unprivileged* UML user to access the host.
> It's important for me to know wether the host or the guest kernel
> ist affected an what sort of security hole it is (race condition,
> buffer overflow ...)
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729