We want to stop systemd from being added to docker images, because of rpm requiring systemctl.
Andrew Lutomirski
luto at mit.edu
Tue Apr 29 20:04:11 UTC 2014
On Tue, Apr 29, 2014 at 12:48 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>
>
> Am 29.04.2014 21:36, schrieb Andrew Lutomirski:
>> On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>>> simple example:
>>>
>>> * binary XYZ is vulerable for privilege escalation
>>
>> This makes no sense...
>
> for you
>
>>> * we talk about a *local* exploit until now
>>
>> ...I don't even know what you're trying to say here...
>
> than google for
>
> * "privilege escalation"
> * "local exploit"
> * "remote exploit"
>
> that could be a good start:
> http://en.wikipedia.org/wiki/Exploit_%28computer_security%29
>
>>> * a bad configured webserver allows system-commands through a php-script
>>> and i consider that you google for the /e modifier
>>
>> ...and this is already sufficient for a remote exploit.
>
> yes, but the difference may be if you only can run unprivileged
> code or have a chance to own the machine and get root
Can you give an actual concrete example of wtf you're talking about?
Because I suspect that you're completely wrong, but maybe you're right
and no one on this thread understands what you're trying to say.
Feel free to say things like "suppose I have a php app that does XYZ"
and feel free to add supposedly vulnerable udev binaries, copies of
sh, copies of busybox, copies of python, gcc, etc, as needed for this
to make any sense.
--Andy
More information about the devel
mailing list