Linode Forum
Linode Community Forums 		 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic

Board index » Linux Community Forums » Performance and Tuning
  Previous topic | Next topic 
Author Message
astrashe
 Post subject: building kernels
PostPosted: Thu Aug 05, 2004 7:13 pm 
Offline
Senior Newbie

Joined: Thu Jul 29, 2004 4:51 pm
Posts: 5
In another thread, bji said:

Quote:
No, you cannot load your own kernel modules. Allowing a Linode to modify the kernel in any way (including loading modules) would be a serious security problem for the Linode host. If you were able to load a kernel module, you would be able to force the host system to run arbitrary code. This is not allowed.


Is this true? I was under the impression that user-mode linux created a "sandbox" for the individual virtual servers that we have here.

If we can build our own kernels, does anyone know what's running in the debian distro? Are there any non-standard patches?

Thanks...
Top
   
Reply with quote  
pclissold
 Post subject: Re: building kernels
PostPosted: Fri Aug 06, 2004 3:52 am 
Offline
Senior Member
User avatar

Joined: Fri Oct 24, 2003 3:51 pm
Posts: 965
Location: Netherlands
astrashe wrote:
I was under the impression that user-mode linux created a "sandbox" for the individual virtual servers that we have here.

It still isn't secure to allow the execution of arbitrary code in the UML kernel space.


astrashe wrote:
If we can build our own kernels, does anyone know what's running in the debian distro? Are there any non-standard patches?

Only caker's kernels get to run, and they are the same whichever distro you choose. The patches from vanilla code are shown here: http://www.linode.com/support/kernels.cfm. The only really non-standard stuff relates to a token bucket filter/limiter around the UML async UBD driver to stop one Linode hogging all the disk i/o capacity on the host. See here: http://www.linode.com/forums/viewtopic.php?t=790

_________________
/ Peter
Top
   
Reply with quote  
astrashe
 Post subject: Thanks
PostPosted: Fri Aug 06, 2004 12:21 pm 
Offline
Senior Newbie

Joined: Thu Jul 29, 2004 4:51 pm
Posts: 5
Thanks, that's very helpful. I appreciate the information.
Top
   
Reply with quote  
Display posts from previous:  Sort by  
Post new topic  Reply to topic

Board index » Linux Community Forums » Performance and Tuning


Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group