[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Openvds-devel] Control Panel for OpenVDS-2
|
From: |
Paul Sladen |
|
Subject: |
RE: [Openvds-devel] Control Panel for OpenVDS-2 |
|
Date: |
Mon, 14 Jan 2002 14:33:09 +0000 (GMT) |
On Mon, 14 Jan 2002, Dave Cost wrote:
> > You'll have to have some *tight* capabilites; consider that:
> >
> > a) root can create a hard link to inode zero (jail busted).
> >
> > b) do anything they want with /proc/kcore (*whatever* to *whoever*).
>
> Could you please provide pointers to some working exploits so I can run some
> tests?
First one requires system calls--second one is as simple as:
cat /dev/zero > /proc/kcore
<crash>
And again, remember that even if the dev-nodes don't exist, *root* can
easily recreate them!
> You'll only be able to bind the virtual address even if you bind
> 0.0.0.0,
Excellent!
-Paul
- Re: [Openvds-devel] Control Panel for OpenVDS-2, (continued)
- Re: [Openvds-devel] Control Panel for OpenVDS-2, Paul Sladen, 2002/01/14
- RE: [Openvds-devel] Control Panel for OpenVDS-2, Dave Cost, 2002/01/14
- Re: [Openvds-devel] Control Panel for OpenVDS-2, Joe Cooper, 2002/01/14
- RE: [Openvds-devel] Control Panel for OpenVDS-2, Dave Cost, 2002/01/14
- Re: [Openvds-devel] Control Panel for OpenVDS-2, Joe Cooper, 2002/01/14
- RE: [Openvds-devel] Control Panel for OpenVDS-2, Dave Cost, 2002/01/14
- RE: [Openvds-devel] Control Panel for OpenVDS-2,
Paul Sladen <=
- RE: [Openvds-devel] Control Panel for OpenVDS-2, Dave Cost, 2002/01/14