We want to stop systemd from being added to docker images, because of rpm requiring systemctl.
h.reindl at thelounge.net
Tue Apr 29 19:48:38 UTC 2014
Am 29.04.2014 21:36, schrieb Andrew Lutomirski:
> On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> simple example:
>> * binary XYZ is vulerable for privilege escalation
> This makes no sense...
>> * we talk about a *local* exploit until now
> ...I don't even know what you're trying to say here...
than google for
* "privilege escalation"
* "local exploit"
* "remote exploit"
that could be a good start:
>> * a bad configured webserver allows system-commands through a php-script
>> and i consider that you google for the /e modifier
> ...and this is already sufficient for a remote exploit.
yes, but the difference may be if you only can run unprivileged
code or have a chance to own the machine and get root
> Can we please move all discussion of "Zomg! This feature would take an
> existing security hole and turn it into a security hole with exactly
> the same impact" into its own thread or just stop it entirely? All it
> does is distract from real discussion
can you please start to goole for things others talking about?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 246 bytes
Desc: OpenPGP digital signature
More information about the devel