> inside a vserver and allows to become root inside the vserver. Of course > this does not allow to break out of the vserver completly, but if you I don't think 'Of course' is the right word here. Almost any kernel root vulnerability leads to breaking out of vserver chroot in the right( err... wrong ) hands. Fortunatelly xploit writers tend to ignore vserver enviroment, so luckily ( I think a bit better suited expression then 'Of course' for this situation ) most of latest exploits land your right back inside vserver you started from.
What vserver protects from is faults in user suid programs/daemons. To be protected(?) from kernel vulnerabilities you need UML-style solutions, of course, once someone roots uml, there's very little stopping him from breaking out of UML and running exploit outside. -- Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 We're giving you a new chance in life, and an opportunity to screw it up in a new, original way. _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
