On Fri, Feb 18, 2005 at 04:40:56AM -0800, Harry wrote: > --- Marc Haber <[EMAIL PROTECTED]> wrote: > > What does this gain you? A compomised uml is as bad as a compromised > > system. > > I can wipe the UML if the host has not been compromised. This saves me > a journey to the location where the host is stored and ?75 quid to get > to the machine to reinstall the host. > > If I have ten customers running various falvours of Debian in their UML > its sods law that eventually one of them is going to be cracked. If I > can prevent (as much as feasbly possible) this from spilling onto the > host then it saves me a lot of work.
Nice idea. However, if somebody roots one of the UML installation, that somebody can probably escape out of the UML and gain user privileges on the host system and then use one of the numerous kernel vulnerabilities (I have long lost track of them) to escalate to root on the host system. I am quite sceptical about using UML to allow security flaws in UMLled system components. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
