[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

vserver path leak?



Hi all,
An email I meant to send some weeks but, but forgot until the other
vserver thread came up.

I'm wondering if this is a security issue worth worrying over.
Situation:
- Host is testing, running 2.6.26-2-vserver-686
- both vservers are running stable

In one vserver I had cd'd into /root/icecat, and built a package. I
decided I wanted the package in the other vserver, so I moved it from
the host system into the /root/ directory in the 2nd vserver.

 `mv /var/lib/vservers/autobuilders/root/icecat/ /var/lib/vservers/buildvserver/root/`

when I cd'd out of /root/icecat in the first vserver, I was presented
with something that looked like a combination of both paths:
 /var/lib/vservers/autobuilders/lib/vservers/buildvserver

The suggestion in #vserver was "if you manage to get a host path on a
recent (non broken, i.e. non-debian :) kernel and util-vserver, then it
is considered a bug and will be fixed ASAP ... because that basically
means that the namespace isolation is not working properly"

Is this a valid bug? Is there some debianisms involved that could cause
the issues, or is it just another upstream who doesnt like "unoffical"
packages? :)
kk

-- 
Karl Goetz, (Kamping_Kaiser / VK5FOSS)
Debian contributor / gNewSense Maintainer
http://www.kgoetz.id.au
No, I won't join your social networking group

Attachment: signature.asc
Description: PGP signature


Reply to: