[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

vmsplice bug, javascript vulnerable ?

        Regarding the root compromise in Debian 4.0R1, DSA 1491-1,
relating to vserver and vmsplice. Can one disable this feature or not
enable it, without breaking the kernel or anything else ?
Is it possible for remote programs, say a website that one is browsing
with javascript turned on [shudder], to do the vserver/vmsplice root
compromise or otherwise use it to degrade the system in some way ?
Thanks in advance.

frank.jansen@actrix.gen.nz, ZL2TTS
Reply to: