>> Isn't it trivial to break out of chroots?
No. Not always. That's the whole point of chrooting in the first place isn't it?
However as pointed out below this is a local exploit, i.e. run from a
shell so doesn't have anything to do with a web server chrooted or
otherwise.
>> Aren't there loads of local root exploits already?
Pretty much. Limit shell accounts and access to ssh port is the good
old obvious thing to do.
> Why so much news about this one?
Good question actually. But a couple reasons might contribute: 1. Many
of the loads of exiting ones are in userland stuff that may or may not
be installed. A system may or may not have a vulnerable perl module or
ftp command or whatever it is. Every system has a kernel though. So
even though not every one will be a vulnerable version, still the
numbers of vulnerable systems are probably greater than for other
exploits. 2. Apparently a nasty side effect of trying this within a
Xen VM is that it can crash the hypervisor and therefore bring down
all other VMs. This could be very bad in a shared VM hosting set up
where one vulnerable account on one VM could result in complete
reboots of many other non-vulnerable VMs.
Note point one is speculation and point two is rumour. But that's what
came to mind.
Cheers,
Daniel
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
