[nycbug-talk] Jail Performance
Sunny Dubey
sunny-ml
Thu Jan 6 08:33:45 EST 2005
On Wednesday 05 January 2005 10:48, Isaac Levy wrote:
> Question for Sunny:
>
> - What happens if a UML instance has a buggy/exploitable kernel? How
> or is it contained? I'm just curious...
The UML kernel is run like any other process is. So if I ran a UML kernel
with the user USER1 and there was a local root exploit in the kernel,
theoretically I could exploit the UML kernel and gain whatever privs USER1
has on the host-OS.
(Well that is how it should work ... various compatibility bugs have prevented
the above from happening in the past. The intention is to *remove* these
bugs.)
Sunny Dubey
More information about the talk
mailing list