[Users] socketpair exploit -- openvz is not vulnerable
Benjamin Henrion
bh at udev.org
Fri Nov 26 10:57:06 EST 2010
On Fri, Nov 26, 2010 at 4:42 PM, Kir Kolyshkin <kir at openvz.org> wrote:
> A DoS exploit which leads to system unresponsiveness was published
> yesterday. It works on most systems, luckily it doesn't work inside
> OpenVZ containers...
>
> Well, unless you don't set all the beancounters limits to 'unlimited'
> (which is a very bad idea in the first place), so please check your
> configuration. The limit which helps in this case is numothersock.
>
> See more details in OpenVZ blog: http://blog.openvz.org/34694.html
The CSS of the webpage does not work fine from here.
--
Benjamin Henrion <bhenrion at ffii.org>
FFII Brussels - +32-484-566109 - +32-2-4148403
"In July 2005, after several failed attempts to legalise software
patents in Europe, the patent establishment changed its strategy.
Instead of explicitly seeking to sanction the patentability of
software, they are now seeking to create a central European patent
court, which would establish and enforce patentability rules in their
favor, without any possibility of correction by competing courts or
democratically elected legislators."
More information about the Users
mailing list