
Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages



Some people wrote to me: your script is bad, it detects qemu, but qemu
is bugfree. 

OK, looking at qemu:

qemu mounts the directory /tmp/mount.$$. An attacker creates many
symlinks /tmp/dir.\d+ -> /etc, and if qemu
(/usr/sbin/qemu-make-debian-root) starts, then /etc goes
out of the root directory tree. The result: the system is unusable.

Example of a script for an attacker:

perl -e 'symlink("/etc", "/tmp/mount.$_") for ($$ .. $$ + 10000)'

Instead of /etc, an attacker may select any system directory, for example /var,
/usr or even /.

Of course I may be mistaken, but I don't use qemu, sorry.

--
... mpd is off

. ''`. Dmitry E. Oboukhov
: :'  : unera@debian.org
`. `~' GPGKey: 1024D / F8E26537 2006-11-21
  `- 1B23 D4F8 8EC0 D902 0555  E438 AB8C 00CF F8E2 6537
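
The predictable /tmp name discussed in the message above, next to a hardened form, as an added example that is not part of the original post and is not qemu's code. The function names and the scratch directory standing in for /tmp are hypothetical, and the use of `mkdir -p` in the unsafe variant is an assumption about how such a script might create its mount point.

```shell
#!/bin/sh
# Added example; function names and the scratch layout are hypothetical.

# Pattern of the kind described in the message: the name depends only on the
# PID, and an entry that already exists there is accepted without inspection.
unsafe_mountpoint() {
    dir="$1/mount.$$"
    mkdir -p "$dir" || return 1   # exit 0 even when $dir is a planted symlink
    printf '%s\n' "$dir"
}

# Hardened form: mktemp -d picks an unpredictable name and creates it with
# mkdir(2), which fails on any existing entry, symlinks included.
safe_mountpoint() {
    dir=$(mktemp -d "$1/mount.XXXXXXXXXX") || return 1
    # Defence in depth: never hand back anything but a real directory.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        return 1
    fi
    printf '%s\n' "$dir"
}

# Constructed demo in a private scratch directory standing in for /tmp.
demo() {
    scratch=$(mktemp -d) || return 1
    mkdir "$scratch/victim"
    ln -s "$scratch/victim" "$scratch/mount.$$"   # pre-planted entry
    u=$(unsafe_mountpoint "$scratch")
    s=$(safe_mountpoint "$scratch")
    [ -L "$u" ] && echo "unsafe: $u is a symlink to $(readlink "$u")"
    [ ! -L "$s" ] && echo "safe:   $s is a fresh directory"
    rm -rf "$scratch"
}
demo
```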
