User: Password:
|
|
Subscribe / Log in / New account

A privilege escalation via SCSI pass-through

A privilege escalation via SCSI pass-through

Posted Jan 6, 2012 10:01 UTC (Fri) by drag (subscriber, #31333)
In reply to: A privilege escalation via SCSI pass-through by dougg
Parent article: A privilege escalation via SCSI pass-through

> If the VM vendors were doing their job properly then SCSI targets accessible from within a VM would themselves be virtual; for example with storage backed from a file (or partition) on the host machine.

From what I've read...

No. From a file, yes. From a partition: No.

Any block device. It does not have to do with iSCSI or SCSI or anything like that in particular. It's any block device on a storage device that uses SCSI subsystem, which is going to be most things. That means whole disks, partitions, and logical volumes on most storage devices (such as SATA drives) are vulnerable.

On my KVM virtual machines I use LVM because of the performance advantage of using block devices directly rather then through file-backed storage.

This bug is a bit disheartening.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds