Leaving SolusVM

trewq · Aug 20, 2014

K2Bytes said:
You mean SolusVM still got some master related vulnerability?

He means that if someone has access to your master sever your screwed even if it uses keys.

AMDbuilder · Aug 20, 2014

trewq said:
He means that if someone has access to your master sever your screwed even if it uses keys.

Given their track record I wouldn't be so sure they don't have vulnerabilities in the master still...

Francisco · Aug 20, 2014

K2Bytes said:
You mean SolusVM still got some master related vulnerability?

Solus has/had some hilariously bad exploits.

The slaves didn't/don't actually validate/scrub any of the data the master node sends and they simply push the data to shell_exec() with a root SETUID binary.

You could quite literally pass the slave a CTID (should only ever be an unsigned int) of "1; dd if=/dev/zero of=/dev/sda bs=100M" and it'd run the DD as root.

With stallion, we made it so the nodes don't just blindly trust data sent to it by our master. It validates everything and only *then* does it pass any of the data onward.

Now, this 'bug' is only really an issue if you got access to someones master node. There has been more than a few exploits in Solus that allowed full root shells to be started.

Francisco

Leaving SolusVM

trewq

Active Member

AMDbuilder

Active Member

Francisco

Company Lube