On 03/26/2008 04:51 AM, C.T.F. Jansen wrote:
Greetings,
Regarding the root compromise in Debian 4.0R1, DSA 1491-1,
relating to vserver and vmsplice. Can one disable this feature or not
enable it, without breaking the kernel or anything else ?
Is it possible for remote programs, say a website that one is browsing
with javascript turned on [shudder], to do the vserver/vmsplice root
compromise or otherwise use it to degrade the system in some way ?
Thanks in advance.
[EMAIL PROTECTED], ZL2TTS
Surely you're not talking about this:
http://www.debian.org/security/2008/dsa-1491
But instead you meant to discuss this:
http://www.debian.org/security/2008/dsa-1494
Debian seem to have backported the fix to their
version of Linux 2.6. If you have security.debian.org in your
sources.list and you've updated, you should be safe.
I can't directly answer your question however.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
