On Wed, 2015-05-13 at 10:00 -0400, Dan McDonald wrote:
> > On May 13, 2015, at 8:37 AM, Joe Malcolm <[email protected]> wrote:
> >
> > Two questions on this Kvm/Xen/QEMU issue:
> >
> > 1) Does this also affect the kvm bits in SmartOS?
>
> Yes. I've a pull request in for the fix:
>
> https://github.com/joyent/illumos-kvm-cmd/pull/20
>
> > 2) Are those kvm bits resident in the encapsulating container, or are
> > they associated with the boot image? I.e., is rebooting with a new
> > image, once those are available, sufficient, or do the zones need to
> > be rebuilt?
>
> If I understand correctly, this affects the qemu binary, which is part of the
> boot image (it's an executable that's part of the OS's global zone).

Yes, it's loopback mounted from the gz. Rebooting onto a new system image will replace it once a new build is available.

One other thing to note is that the qemu process on SmartOS runs inside a zone, so escaping the qemu just gets you root in a zone that has basically nothing in it except the qemu binary and some config. You would need an additional kernel privesc vuln to escape that zone and take control over the entire box.
