We want to stop systemd from being added to docker images, because of rpm requiring systemctl.

Reindl Harald h.reindl at thelounge.net
Tue Apr 29 19:48:38 UTC 2014

Am 29.04.2014 21:36, schrieb Andrew Lutomirski:
> On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> simple example:
>> * binary XYZ is vulerable for privilege escalation
> This makes no sense...

for you

>> * we talk about a *local* exploit until now
> ...I don't even know what you're trying to say here...

than google for

* "privilege escalation"
* "local exploit"
* "remote exploit"

that could be a good start:

>> * a bad configured webserver allows system-commands through a php-script
>>   and i consider that you google for the /e modifier
> ...and this is already sufficient for a remote exploit.

yes, but the difference may be if you only can run unprivileged
code or have a chance to own the machine and get root

> Can we please move all discussion of "Zomg! This feature would take an
> existing security hole and turn it into a security hole with exactly
> the same impact" into its own thread or just stop it entirely?  All it
> does is distract from real discussion

can you please start to goole for things others talking about?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140429/f98b402c/attachment-0001.sig>

More information about the devel mailing list