
Re: [suse-security] Re: Kernel versions 2.2.x are also affected by new Kernel bug!



Ralf Ronneburger wrote:

And what about hosting providers with thousands of clients? User can
upload exploit via ftp and execute it via httpd.
Internet Service Providers have to userdel -r too?


Not just "yes", but "hell, yes". For one, if you have a user/customer that would do that to your system, you don't need them, no matter how much they pay. Also, most hosting TOS/AUPs prohibit that kind of behavior. If I had a customer who did that to my system, his account would be cancelled and his name given to the other ISPs and hosting providers in town before that machine was finished rebooting.

I wonder how you'd find that out before that machine has rebooted? The problem is not that this user might do it again (userdel -r will prevent him from doing that), but if he does it once that'll do enough harm. And it won't be so easy to find out who did it. I agree with Boris - I'd feel better with a patch.

Well, okay, but there is a patch. At least not from SuSE, but hosting
providers hopefully use their own kernel anyway because of the many
useless things a normal SuSE kernel supports (even when just as a module).
Nothing against SuSE kernels, but on such boxes as hosting providers
tend to run I would highly recommend a self-baked kernel. If it's that
critical, it's better to be your own boss instead of waiting for others.

Regards,
Sven

