[EMAIL PROTECTED] ("Dariush Pietrzak,,,") writes:
>> legacy configuration does not have a big future and *would*
>> need security fixes first, this has a very low priority.
> What security fixes?Oh... where shall I begin? Basically, the filesystem operations are full of races and contain enough opportunities for symlink attacks. Fixes would need the redesign of large parts of the legacy tools. The non-legacy part of util-vserver is the result of this redesign and I am sure that symlink attacks are impossible and races were eliminitated there ;) (The 'initpost' script of RH style vservers is an exception...) Enrico
pgpdsbHHKwUoW.pgp
Description: PGP signature
_______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
