Rootkit Hunter

Serg B. sergicles at gmail.com
Sat Dec 23 17:06:00 UTC 2006


So you are saying that breaking out of chrooted env. is impossible?

P.S.
James bond is not mere mortal, how could you!?

On 24/12/06, Martin Marcher <martin.marcher at openforce.com> wrote:
>
>
> Am 23.12.2006 um 16:33 schrieb Gabriel Dragffy:
>
> > I think perhaps that when we're talking about this kind of virus it
> > isn't limited to just VMware. Imagine a virtual server service that
> > has
> > a single computer hosting 50 operating systems using Xen
> > technology. Now
> > think about the trouble that a virus could cause all that.
> > Horrible. If
> > a virus managed to escape the guest OS...
>
> No need to think that this (method) is new. Just think of the very
> common chroot environments for
>
> * postfix
> * bind
> * apache
> * etc
>
> This is to some extend the same, postfix doesn't have a clue about
> the rest of the system when chrooted, you can't really find out about
> it. Also have a look at the way gentoo is installed, if you chroot
> to /mnt/myinstall you are trapped inside this directory, how would
> you get info about the hosts /proc (or whatever) filesystem.
>
>
> martin
>
> PS: still it is new as it is now hardware supported and doesn't need
> any special environment. Also James Bond is just a mere mortal, his
> emails can be faked too so no need for virtualization viruses :)
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
>
>
>


-- 
Serg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20061224/4e2f1465/attachment.html>


More information about the ubuntu-users mailing list