On Wed, 2 Mar 2005, Maarten wrote:
> Out of curiosity, is a 'default' SKAS-enabled guest (and without the host-fs
> kernel option) safe enough as a sandbox to let untrusted users in, or are
> additional measures in order to really secure it (or more paranoia ;-) ?
> I.e. how difficult is it to gain access to the host OS from the UML guest?

Here's my take on the issue. Do other list members have additional or contravening insights?

If a very sharp hacker "gets root" on the UML guest, he can overwrite the kernel any way he pleases, executing arbitrary code as the UML special user. If he finds himself in a chroot jail, he can import statically linked tools (using ports that have to be open for the guest's mission) and perpetrate the same 'sploit against the host. The jail makes this harder but not impossible. So if there's an exploit in the wild against your kernel version, UML won't save you.

However, if you're running a known unsafe service in UML, like a honeypot, and the hacker attacks it, he can trash your UML or use it for spamming or other evil activities (if the host's firewall allows), but if the unsafe service is unavailable on the host, that's as far as he can get. A chroot jail is (probably) not escapable without being root on the host.

For recovery it's helpful to have a readonly root filesystem and a COW file which is the only thing the hacker can trash.

Am I correct that hostfs is not intrinsically unsafe? But if your host keys or other sensitive data are mode 644 so the UML special user can read them, the hacker can steal them, just as could any other compromised account.

James F. Carter          Voice 310 825 2897    FAX 310 206 6673
UCLA-Mathnet;  6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA  90095-1555
Email: [EMAIL PROTECTED]    http://www.math.ucla.edu/~jimc (q.v. for PGP key)

_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
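
The reply's point about mode-644 host keys can be checked on the host before untrusted users are let into a guest. The following is an added example, not part of the original post: it lists the files under a directory that a given uid (standing in for the UML special user) could read. It judges by classic mode bits only and ignores ACLs and capabilities; the function names, the `stop` parameter and the uid/gid values are assumptions.

```python
import os
import stat

def _allowed(st, uid, gids, want):
    """Classic owner/group/other check; ACLs and capabilities are ignored."""
    if uid == 0:
        return True                      # root bypasses read/search mode bits
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7     # owner class
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7     # group class
    else:
        bits = st.st_mode & 7            # other class
    return bits & want == want

def can_read(path, uid, gids, stop="/"):
    """True if uid could open path for reading: read bit on the file and
    search (x) bit on every ancestor directory up to and including stop."""
    path, stop = os.path.realpath(path), os.path.realpath(stop)
    d = os.path.dirname(path)
    while True:
        if not _allowed(os.stat(d), uid, gids, 1):
            return False                 # a 0700 parent hides a 0644 file
        if d == stop or d == os.path.dirname(d):
            break
        d = os.path.dirname(d)
    return _allowed(os.stat(path), uid, gids, 4)

def exposed_files(root, uid, gids, stop="/"):
    """Regular files under root that uid could read (run as root on the host
    so the walk itself can see everything)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = os.path.join(dirpath, name)
            if stat.S_ISREG(os.lstat(p).st_mode) and can_read(p, uid, gids, stop):
                hits.append(p)
    return sorted(hits)

if __name__ == "__main__":
    # Hypothetical uid/gid of the account UML runs under; adjust to the host.
    for p in exposed_files("/etc/ssh", uid=1001, gids={1001}):
        print("readable by UML user:", p)
```

A file reported here is readable by any process running as that account, which includes code a guest-root attacker runs after taking over the UML kernel process.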