We want to stop systemd from being added to docker images, because of rpm requiring systemctl.
linux at cmadams.net
Tue Apr 29 18:51:44 UTC 2014
Once upon a time, Marcelo Ricardo Leitner <marcelo.leitner at gmail.com> said:
> You're considering only the escalation way to do it, but there are
> other ways to exploit code laying around, like when some web pages
> don't sanitize the URL enough and end up allowing executing
> something in the system, much like sql injection. In those cases,
> one could craft URLs to run wget or any other tool that may help the
> intruder get even more inside.
Down that path lies madness. Are you going to remove /bin/sh? If not,
virtually anything else is possible.
Chris Adams <linux at cmadams.net>
More information about the devel