Linux userspace exploit mitigation vs Java attacks

Last night I was doing some tests of Metasploit against SalixOS 14.1 (x86). Metasploit was not able to break into the Salix VM from the host machine at all. What is interesting about this is
- I was using mostly Java exploits targeted at JRE 1.7
- I'm pretty sure most of them should have worked with the JRE version in Salix
- I had Java completely enabled and unblocked in the browser (and allowed unsigned applets when necessary)
- The exploits would hang indefinitely trying to get a reverse shell, even with UFW allowing everything outbound

I will have to confirm with more thorough tests, so please do not take my word on this. But it is starting to look to me like "arbitrary code execution" in Linux userspace may not be very arbitrary at all.

Since it is now the weekend I'll make some new attempts today. Watch this space.

 

Sorry, this kind of fell through yesterday what with the firewall testing. There is other stuff I have to do so I will probably postpone it until next weekend.