https://bugzilla.gnome.org/show_bug.cgi?id=669772 sysadmin | Other | unspecified
--- Comment #8 from Colin Walters <[email protected]> 2012-02-20 14:56:06 UTC --- Ok, there's one final step that needs root privileges on the guest, and that's to install as setuid root: http://git.gnome.org/browse/linux-user-chroot/ I'm fairly confident that this tool couldn't be used to compromise integrity or confidentiality on the machine. It's been through some review on LKML by security people, and e.g. Serge E. Hallyn roughly approved: https://lkml.org/lkml/2011/12/12/547 However it almost certainly would be easy enough to use the tool to create tens of thousands of mount table entries for a DoS. But on the other hand, I'm not sure there has ever been a point where one could install a "default" Fedora/RHEL/Debian that hasn't had easy to use DoS vectors. -- Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the QA contact of the bug. You are watching the assignee of the bug. _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
