We want to stop systemd from being added to docker images, because of rpm requiring systemctl.
Reindl Harald
h.reindl at thelounge.net
Tue Apr 29 19:48:38 UTC 2014
Am 29.04.2014 21:36, schrieb Andrew Lutomirski:
> On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> simple example:
>>
>> * binary XYZ is vulerable for privilege escalation
>
> This makes no sense...
for you
>> * we talk about a *local* exploit until now
>
> ...I don't even know what you're trying to say here...
than google for
* "privilege escalation"
* "local exploit"
* "remote exploit"
that could be a good start:
http://en.wikipedia.org/wiki/Exploit_%28computer_security%29
>> * a bad configured webserver allows system-commands through a php-script
>> and i consider that you google for the /e modifier
>
> ...and this is already sufficient for a remote exploit.
yes, but the difference may be if you only can run unprivileged
code or have a chance to own the machine and get root
> Can we please move all discussion of "Zomg! This feature would take an
> existing security hole and turn it into a security hole with exactly
> the same impact" into its own thread or just stop it entirely? All it
> does is distract from real discussion
can you please start to goole for things others talking about?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140429/f98b402c/attachment-0001.sig>
More information about the devel
mailing list