[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] xen in hosting envoroment
On Sun, Feb 03, 2008 at 10:09:08AM +0000, Nico Kadel-Garcia wrote: > That would be a *SERIOUS* bug, and if anyone knew of such, we'd be > reporting it pretty fast. There was a fascinating RHEL bug reported, in > the use of pygrub, because pygrub would read the grub contents from the > DomU at boot time and this created an interesting security risk for the > pygrub program itself. what ever happened to this, anyhow? did PyGrub start running fsck before it mounts the untrusted filesystems? or was the solution to fix http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 such that linux doesn't panic on corrupted filesystems? Why wouldn't pygrub run fsck on it's target system anyhow? I mean, even if the user isn't being malicious, it's quite possible that the partition in question was shut down improperly. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |