On Thursday 03 March 2005 02:17, nils toedtmann wrote:
> On Wed, Mar 02, 2005 at 12:35:23PM -0800, Jim Carter wrote:
> > On Wed, 2 Mar 2005, Maarten wrote:
> > > Out of curiosity, is a 'default' SKAS-enabled guest (and without the
> > > host-fs kernel option) safe enough as a sandbox to let untrusted users
> > > in, or are additional measures in order to really secure it (or more
> > > paranoia ;-) ? Ie. how difficult is it to gain access to the host OS
> > > from the UML guest?

> But even if the attacker succeeds in running a kernel exploit
> against the host kernel: Most kernel exploits I have seen result
> in id=0, but still inside a chroot. So he still has to escape it,
> which is not so easy if you cannot create devices.

Sorry, a chroot is nothing when you have 0 uid. See man 2 chroot. This
strangeness in chroot() can be fixed with GrSecurity, but I've heard it
creates problems with Qmail.

> Another problem are DoS attacks mounted from a rooted uml. Mr.
> evil could try to consume as much resources as possible to slow
> down the host.

> For example, flooding /dev/net/tun would probably
> decelerate networking for all other umls.

Interesting, though this concept is a bit

> Renicing may prevent
> consuming too much cpu-time. Are there any QoS capabilities on
> the uml roadmap?

Uml is a normal userspace process, so nothing new here. Especially, have you
investigated normal limits? With /etc/limits.conf you can ulimit the max CPU
time; I guess there's a way to limit the traffic out of an interface (I've
read some articles on that). And there are limits on the number of open files
a process can have.

If you want UML to bundle some of these tricks in itself, that could be done.
Really it would be a task for setup utilities to create a proper chroot.

-- 
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729
http://www.user-mode-linux.org/~blaisorblade

_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
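
The per-process limits discussed in the reply above (CPU time, open files, renicing), applied on the host to a process such as a UML guest before it starts. This is an added example, not part of the original message; `run_limited` and the numeric values are hypothetical.

```shell
#!/bin/sh
# Added example: start a command (for instance a UML guest binary) under
# host-side resource limits. run_limited and all values are assumptions.

# usage: run_limited CPU_SECONDS MAX_OPEN_FILES NICE_INCREMENT command [args...]
run_limited() {
    cpu=$1; nofile=$2; niceness=$3
    [ $# -ge 3 ] || { echo "run_limited: missing limits" >&2; return 2; }
    shift 3
    # Reject non-numeric limits so a typo cannot leave the guest unlimited.
    for v in "$cpu" "$nofile" "$niceness"; do
        case $v in
            ''|*[!0-9]*) echo "run_limited: bad limit '$v'" >&2; return 2 ;;
        esac
    done
    [ $# -gt 0 ] || { echo "run_limited: no command given" >&2; return 2; }
    (
        # Subshell: the limits apply to the command and its children only,
        # never to the calling shell.
        # Without -S/-H, ulimit sets both soft and hard limits, and an
        # unprivileged process cannot raise a hard limit again.
        ulimit -t "$cpu"    || exit 125   # CPU seconds before the kernel kills it
        ulimit -n "$nofile" || exit 125   # maximum open file descriptors
        # Lower scheduling priority, then replace the subshell with the command.
        exec nice -n "$niceness" "$@"
    )
}

# Demonstration with a harmless command that reports the limits it inherited.
run_limited 5 64 10 sh -c 'echo "cpu=$(ulimit -t)s nofile=$(ulimit -n)"'
```
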