vmsplice bug, javascript vulnerable ?



Greetings,
Regarding the root compromise in Debian 4.0R1, DSA 1491-1,
relating to vserver and vmsplice. Can one disable this feature or not
enable it, without breaking the kernel or anything else ?
Is it possible for remote programs, say a website that one is browsing
with javascript turned on [shudder], to do the vserver/vmsplice root
compromise or otherwise use it to degrade the system in some way ?
Thanks in advance.

frank.jansen@xxxxxxxxxxxxx, ZL2TTS


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx



Relevant Pages

  • Re: Getting started with Xen -- Xen enabled kernel for Lenny?
    ... I heard are include in the kernel mainline, ... I don't hink it will be included in the mainline kernel any ... I may be wrong on vserver, but i read a bit about the kvm stuff and forgot ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: vmsplice bug, javascript vulnerable ?
    ... Regarding the root compromise in Debian 4.0R1, DSA 1491-1, ... relating to vserver and vmsplice. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
    (Debian-User)
  • Re: linux-vserver (or equvalent) in wheezy
    ... there are no plans for vserver or openvz kernel packages in wheezy, ... I think that the kernel maintainers ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: Getting started with Xen -- Xen enabled kernel for Lenny?
    ... I heard are include in the kernel mainline, ... I don't hink it will be included in the mainline kernel any ... I may be wrong on vserver, but i read a bit about the kvm stuff and forgot ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
    (Debian-User)
  • vserver root compromise, remote exploitation possible ?
    ... Regarding the root compromise in Debian 4.0R1, DSA 1491-1, ... relating to vserver and vmsplice. ... without breaking the kernel or anything else? ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
    (Debian-User)