If anybody is running vservers with the util-vserver-0.30 utilities
he/she may want to have a look at the attached patch below.
Normally I'd have waited until the package maintainer (Enrico Scholz)
had checked the patch and give it a official ok but I think the
addressed problem is really serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 31 Jul 2004 [EMAIL PROTECTED] wrote:
[*** IMHO: This patch is low-medium priority.]
There is no security risk to existing vservers. However, when creating a
vserver using `util-vserver'; if a file called:
'/var/log/foo/bar root'(with
On 31 Jul, Paul Sladen wrote:
> There is no security risk to existing vservers. However, when creating a
> vserver using `util-vserver' (...)
As Paul already stated there are problems when creating a new vserver,
but one dangerous line is in the section that is processed during each
vserver start
