Comment by quantummagic
5 hours ago
It's not always as easy as you imply. All the attack vectors you mentioned, require root on the host, before you can make the change or install the trojan.
5 hours ago
It's not always as easy as you imply. All the attack vectors you mentioned, require root on the host, before you can make the change or install the trojan.
The attack gives you ability to overwrite any cached page. So you don't need to be root to "edit" /etc/passwd.
Not of the host system, assuming we're talking about a compromised VM, running as a non-root user.
I assume you mean container, not VM. But yes, container makes it harder.