Hi Arjen,
Is there a tool (like testme.sh) that tests the common (maybe also uncommon)
possibilities of misconfigurations (like the capabilities and
chroot-exploids) from inside the VServer?
You should have a look at the bastille linux project, as far as I know this
is a script that can harden but also (taken from
http://www.bastille-linux.org/)
<snip>
Bastille can also assess a system's current state of hardening, granularly
reporting on each of the security settings with which it works.
</snip>
(I don't think running it inside a vserver will be an issue since I understood it should not be able to escape the context its running in.)
hm ... after a short overview, i dont't think its what i want ...
I've tried to run it on Suse 9.2 ... unsupported at the moment
And inside my vserver it doesn't recognize the OS (how could it be ... its an LFS http://www.linuxfromscratch.org ;-))
Thanks for the tip - it an interesting project, will try it asap on a Suse 9.1 :-))
Oliver
_______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
