On Wed, Apr 27, 2005 at 06:49:21PM +0200, Oliver Dietz wrote: > Hi Oliver, > > >>Would you give anyone (that you don't know realy good) root-access to a > >>(correctly configured) vserver, when the host-system is a sensible > >>productive system? > > > >As there are a lot of companys outside who sell vServer's on their > >systems I think - yes you can ;) > > ok, that a good point/answer :-)) > > >vServer has mulitple securitty features to prevent people from breaking > >out of a context - I dont know if there is no way, but at least there is > >no known one at the moment > > I'm trying a few days now to get the infomarions from all the "papers" on > linux-vserver.org together ... but it's realy hard to find the "red line" > through all that ... so i'm not realy sure if i've done all correct and if > my vserver is secure (i'm no real linux-inside) isolated ... > > Is there a tool (like testme.sh) that tests the common (maybe also > uncommon) possibilities of misconfigurations (like the capabilities and > chroot-exploids) from inside the VServer?
not yet, but sounds like something useful to me ... any volunteers? best, Herbert > Thanks! > Oliver > > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
