> -I have also modified the capability system a little, so those virtual server
> administrators can't take over the machine. I have introduced a per-process
> capability ceiling, inherited by sub-process. Even setuid program can't grab
> more capabilities..
Really? What hardware do they see in /dev/? Do their servers have for
example mouse? What about ethernet cards?
Does /proc/kmem work in virtual servers?
[Why I'm asking? I'm trying to find ways to take over the machine. Do
you want to give me root on your machine stating that I can't
interfere?]
You might want to announce this on bugtraq. [And give solar designer
root account, he might be more creative ;)].
Pavel
-- STOP THE WAR! Someone killed innocent Americans. That does not give U.S. right to kill people in Afganistan.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/