Hello On Sun, Oct 02, 2005 at 09:30:02PM +0200, Christian Aichinger wrote: > On Wed, Sep 28, 2005 at 02:47:28PM +0800, Andrew Lee wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Ola Lundqvist wrote: > > > > >> I do not have access to a 2.6 kernel patched with vserver but I > > >> can check on a patched 2.4 kernel with old style patch. > > > > Okay, I have a machine running 2.6 kernel patched with vserver 2.0, so > > what can I help you on 2.6 kernel patched with vserver? > > > > I have tried and successed escape from vserver's guest by using the > > expolits[2], and failed on the test of testfs.sh script[1], could you > > please do both tests on your 2.4 kernel patched with old style patch to > > confirm the is really a security problem. > > > > [1] http://vserver.13thfloor.at/Stuff/SCRIPT/testfs.sh-0.09 > > [2] http://vserver.13thfloor.at/Stuff/rootesc.c > > I'm not sure if this is related, but Bertl has found that the > util-vserver packages in sarge don't work for most architectures. > The util-vserver syscall stuff seems to do a compile-time check if > the vserver syscall for a given architecture works, and if it does > not, it falls back to the _i386_ syscall number. > > Bertl's tests also indicate that this problem still exists in sarge > for some architectures. > > He has put together some of his tests at: > http://vserver.13thfloor.at/Stuff/Debian/ > > (the util-vserver* files) > > If it turns out that this is not related we should probably file a > separate bugreport about this issue, since it makes the util-vserver > package useless on most architectures.
Thanks a lot for the information. It is most probably related but not 100% sure. Regards, // Ola > Cheers, > Christian Aichinger -- --------------------- Ola Lundqvist --------------------------- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]