Ask HN: Do user-mode exploits render Heroku (and similar) too dangerous to use?
3 points by wrs on Sept 27, 2010 | 1 comment
The recent privilege escalation exploit in Linux prompts me to ask this.
Heroku runs multiple application instances (20 or more) on a single Linux VM. As they put it, they rely on "battle-tested Unix permissions" to separate applications. However, it is clear that each step in the deployment spectrum from dedicated server to VM to process increases the attack surface.
It seems that a user-mode privilege escalation in Linux would render Heroku applications vulnerable to each other. Furthermore, by simply increasing the number of dynos and issuing a bunch of requests, an evil application would be automatically deployed on a large number of victim instances, coming into contact with hundreds or thousands of other applications.
What effect does the probability of a 0-day exploit like this have on the practicality of Heroku, and any similar shared hosting platform? Obviously this is hard to quantify, so feel free to answer with an educated guess.