We want to stop systemd from being added to docker images, because of rpm requiring systemctl.

[Reindl Harald]

Am 29.04.2014 22:22, schrieb Chris Adams:
> Once upon a time, Reindl Harald <h.reindl at thelounge.net> said:
>> don't get me wrong but you are talking bullshit
> 
> Put up or shut up

i shut when i say - not when you say

https://www.google.com/search?q=local+root+exploit+CVE

google as example for CVE-2014-0038 and as i already explained
you: a attacker has no shell, you have two ways to force a existing
local exploit by a web-application:

A: try to get a complete script on the machine and execute it
B: find a very likely present binary and bring it to do the
   rest of the attack for you with arbitary input

if you find B it's much easier because pass unsanitized input
to a web-script calling system() with it is one thing,
find a way to create a local file with whatever input you like
and execute it finally is a complete different world and needs
much more than one security problem in the web-application

>> you can't download whatever you like to do in any random situation
>> and excutue it like in a sehll - if you have only *one command* through
>> a web application you need to achieve that this single command triggers
>> the whole attack surface down to the critical component giving you
>> root access
> 
> If you can't explain how a non-privileged binary can result in a
> privilege escalation, then you are wrong. You need to go up-thread and
> read what I was responding to and show how it is wrong.

in case it don't sanitize user input, calling a already running
privileged  process and feed it with arbitary input damend

do you really pretend that never happened in the past?
and no i do not get paied to seek archives for you!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140429/2b08d759/attachment.sig>