[systemd-devel] /run DoS
mkkp4x4 at gmail.com
Sun Apr 3 15:09:44 PDT 2011
2011/4/3 Kay Sievers <kay.sievers at vrfy.org>:
> 2011/4/3 Lennart Poettering <mzerqung at 0pointer.de>:
>> On Sun, 03.04.11 23:28, Michał Piotrowski (mkkp4x4 at gmail.com) wrote:
>>> > But for /dev/shm I see no quick fix... do you?
>>> Unfortunately not. No one foresaw that quota support on tmpfs will
>>> someday be useful :)
>>> > I think we should fix either both or should wait for the proper fix by
>>> > the kernel.
>>> Can you temporarily fix one?
>> Well, of course we could.
>> But, think about it, what does this help? The vulnerability doesn't go
>> away by doing this, and we'd have a temporary hack in there, that we'd
>> have to remove later on again.
> Systems who might run into problems with /dev/shm, can just add limits
> to /etc/fstab, and systemd will re-mount it and apply them.
> There should really be a _proper_ solution some day, be it quota or
> something else. We have way too many /tmp-like dirs, where users can
> just leave their crap behind and cause problems. This is really
> nothing new with systemd.
I'm not saying that systemd is guilty of anything here :) Introduction
of /run dir just introduced yet another problem that can be used by
malicious users. I know that the most appropriate solution would be to
fix tmpfs but before it happens this problem can be used many times to
piss off admins and other system users.
More information about the systemd-devel