Some people wrote to me: your script is bad, it detects qemu, but qemu is bugfree.
ok, looking qemu: qemu makes mount the directory /tmp/mount.$$. Attacker creates many symlinks /tmp/dir.\d+ -> /etc and if qemu (/usr/sbin/qemu-make-debian-root) starts then /etc goes out from root directory tree. The result: system is unusable. example of script for attacker: perl -e 'symlink("/etc", "/tmp/mount.$_") for ($$ .. $$ + 10000)' instead /etc attacker may select any system directory, for example /var, /usr or even /. of course I may be mistaken but I don't use qemu, sorry. -- ... mpd is off . ''`. Dmitry E. Oboukhov : :’ : [EMAIL PROTECTED] `. `~’ GPGKey: 1024D / F8E26537 2006-11-21 `- 1B23 D4F8 8EC0 D902 0555 E438 AB8C 00CF F8E2 6537
signature.asc
Description: Digital signature