[Openstack-security] Deriving Instance UUID
Michael Still
mikal at stillhq.com
Tue Dec 10 15:40:31 UTC 2013
Well, that's the Folsom with file injection bit. You can break out of
the hypervisor using the bugs in file injection we fixed back then.
Like I said, pretty theoretical.
Michael
On Tue, Dec 10, 2013 at 9:09 AM, Russell Bryant <rbryant at redhat.com> wrote:
> On 12/10/2013 10:02 AM, Michael Still wrote:
>> Hmmm.
>>
>> If you know the UUID of an instance, and can assume default
>> configurations, then you know a bunch of information about how the
>> files on the hypervisor disk are laid out.
>>
>> Assuming:
>> - you're running an old release without patches (I'm thinking Folsom
>> from memory?)
>> - and have file injection turned on
>> - and know the path to another instance's data
>> - then that might make it possible to manipulate files in the
>> instance directory
>>
>> This is very theoretical though, there's a lot of assumptions there.
>
> Assuming you can get at the host filesystem, right? And if you can get
> to the host filesystem, well ... there's plenty possibilities for bad
> things.
>
> --
> Russell Bryant
>
> _______________________________________________
> Openstack-security mailing list
> Openstack-security at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
--
Rackspace Australia
More information about the Openstack-security
mailing list