I just tried the exploit and my /vservers directory did NOT get chmoded to 001, looks like I pass. Lots of: cd ..: Permission denied chmod: Operation not permitted
This is with /vservers at 000 AND the +t attr, vs1.26 and vserver-0.29. Yes, I know I should upgrade tools. Side note: using vbuild to build a vserver with /vservers +t creates a vserver with too many +t's. I needed to chattr -t the vserver and then vunify to get everything working. Cathy On Mon, 9 Feb 2004, Erik Smit wrote: > On Mon, Feb 09, 2004 at 12:27:25AM +0100, Michael Hilscher wrote: > > Hallo, > > > > i tried to upgrade my vserver installation from an 'ancient' 2.4.20 ctx > > 16 up to > > 2.4.24, 1.26, 0.28 (Tested with Debian Woody and SuSE 8.1). > > > > On my Testserver I found out, that the root-exploit is still working - > > aswell on updated old system (synced of productive server) and clean > > (means fresh installed) suse 8.1 system! Is there an special patch i > > need for vs1.26? > > Did you chmod /vservers back to 000 after running the exploit on a > vulnerable system? The exploit chmods it to 001. > > I fell for this one also. :) > > Regards, > > Erik Smit > _______________________________________________ > Vserver mailing list > [EMAIL PROTECTED] > http://list.linux-vserver.org/mailman/listinfo/vserver > _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver