The standard kernel from RH7.2 is version 2.4.7-10. I can't say the exploit described works on this kernel (RedHat does some patching of their own) and the description of the exploit does not day that any earlier kernel versions are exploitable. But i figure that a kernel upgrade is the only solution if you want to be sure.
Maarten -----Oorspronkelijk bericht----- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Ben Kennish Verzonden: donderdag 5 september 2002 13:09 Aan: [EMAIL PROTECTED] Onderwerp: Chroot security concern Hi all, Just a quick question about the security of the chroot() jail implemented by FreeVSD. I have just read the following URL... http://www.solucorp.qc.ca/howto.hc?projet=vserver&id=62 ... and am wondering whether a default install of RH7.2 (2.4.9-34 kernel) has any "chroot breaking" exploits? Unfortunately, I don't have a very good knowledge of C so I can not test the exploit mentioned at the end of the page - can anyone else? TIA. Kind regards, -- Ben Kennish [EMAIL PROTECTED] ------------------------- The freeVSD Support List -------------------------- Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support Archives: http://freevsd.org/support/mail-archives/freevsd-support ---------------------------------------------------------------------------- - ------------------------- The freeVSD Support List -------------------------- Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support Archives: http://freevsd.org/support/mail-archives/freevsd-support -----------------------------------------------------------------------------
