Re: [Vserver] CAN-2004-1235 anyone?
On Tue, Jan 11, 2005 at 10:07:12AM -0500, Gregory (Grisha) Trubetskoy wrote: > > Is this something to worry about on vs 1.9.3 kernels? yep, local (vserver) root priviledge escalation is possible AFAICT it's not possible to leave a vserver (at least not without other exploits) ... > http://isec.pl/vulnerabilities/isec-0021-uselib.txt > > I saw Fedora released an updated kernel, though the comment at the > beginning of the exploit code in the link above says "tested only on > 2.4.x". I for one could get it to compile, though I didn't try very hard. http://kerneltrap.org/files/jeremy/2.6.10-mm1-brk-locked.patch (might need some merging, will look into it asap) HTH, Herbert > > Grisha > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] CAN-2004-1235 anyone?
Is this something to worry about on vs 1.9.3 kernels? http://isec.pl/vulnerabilities/isec-0021-uselib.txt I saw Fedora released an updated kernel, though the comment at the beginning of the exploit code in the link above says "tested only on 2.4.x". I for one could get it to compile, though I didn't try very hard. Grisha ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Problems building util-vserver-0.23.90.2
On Mon, Jan 10, 2005 at 10:25:51PM -0500, Tad Truex wrote: > Greetings all, > > I have grabbed the util-vserver-0.23.90.2 which I believe goes along > with the patch for the 2.6.10 kernel (patch-2.6.10-vs1.9.3.17.diff) > > The kernel built and booted just fine. > > I grabbed the vserver.spec file out of the util-vserver-0.23.90.2 > tarball and tried to build it, but I get the following errors. > > In file included from src/capchroot.c:39: > ./linuxcaps.h:35: error: syntax error before '*' token > ./linuxcaps.h:35: warning: type defaults to `int' in declaration of > `cap_user_header_t' > ./linuxcaps.h:35: error: ISO C forbids data definition with no type or > storage class > ./linuxcaps.h:41: error: syntax error before '*' token > ./linuxcaps.h:41: warning: type defaults to `int' in declaration of > `cap_user_data_t' > ./linuxcaps.h:41: error: ISO C forbids data definition with no type or > storage class > make[1]: *** [src/capchroot.o] Error 1 > make[1]: Leaving directory `/usr/src/redhat/BUILD/util- > vserver-0.23.90.2' > make: *** [all] Error 2 > > > Has anyone seen this already and figured out what I am doing wrong? hmm, where the hell did you find util-vserver-0.23.90.2 and why not use the recent 0.30.196 for that purpose? http://www.linux-vserver.org/alpha+util-vserver http://www-user.tu-chemnitz.de/~ensc/util-vserver/alpha/util-vserver-0.30.196.tar.bz2 HTH, Herbert > Thanks, > Tad > > PS - I am trying to build on a well patched FC3 distro. > > > > > -- > Tad Truex <[EMAIL PROTECTED]> > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
