Marc Haber schrieb am Friday, den 18. February 2005: > On Fri, Feb 18, 2005 at 04:40:56AM -0800, Harry wrote: > > --- Marc Haber <[EMAIL PROTECTED]> wrote: > > > What does this gain you? A compomised uml is as bad as a compromised > > > system. > > > Nice idea. However, if somebody roots one of the UML installation, > that somebody can probably escape out of the UML and gain user > privileges on the host system and then use one of the numerous kernel > vulnerabilities (I have long lost track of them) to escalate to root > on the host system. > > I am quite sceptical about using UML to allow security flaws in UMLled > system components.
Have a look at vservers (http://linux-vserver.org/), designed specifically to fix the problems that can be circumvented with chroots, take up significantly less resources than UMLs, and are really quite cool. micah -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
