We want to stop systemd from being added to docker images, because of rpm requiring systemctl.
luto at mit.edu
Tue Apr 29 19:36:59 UTC 2014
On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
> simple example:
> * binary XYZ is vulerable for privilege escalation
This makes no sense...
> * we talk about a *local* exploit until now
...I don't even know what you're trying to say here...
> * a bad configured webserver allows system-commands through a php-script
> and i consider that you google for the /e modifier
...and this is already sufficient for a remote exploit.
Can we please move all discussion of "Zomg! This feature would take an
existing security hole and turn it into a security hole with exactly
the same impact" into its own thread or just stop it entirely? All it
does is distract from real discussion.
More information about the devel