Re: security bug (Re: Announcing the release of Fedora 15 Beta!!)
W dniu 22 kwietnia 2011 19:00 użytkownik Jared K. Smith
<jsmith(a)fedoraproject.org> napisał:
2011/4/22 Michał Piotrowski <mkkp4x4(a)gmail.com>:
> I believe that users should be warned about problem described here
> https://bugzilla.redhat.com/show_bug.cgi?id=693253
>
> It seems to me that it would be appropriate to write about it in
> "Known Issues" in release notes.
Thanks for the note.
The suggestion that we add this to the "Known Issues" section of the
release notes sounds very reasonable to me. Have you asked the Docs
team to add it.
No, I did not. First I wanted to find out what do you think about this
idea. CC'ing docs ml.
As the thread on the systemd-devel list (linked from the bug report
you opened) suggests, there are *many* ways that local users can cause
a local DoS by consuming resources. And yes, I agree that quota
support for tmpfs is probably a good long-term solution, but I think
we can all reasonably agree that quota support isn't going to be
written and tested in time for Fedora 15, and that it's not worth
postponing the release of Fedora 15 to wait for quota support.
Naturally. I never suggested postponing of the release :)
Documenting it is the next best course of action, I think.
This problem can affect only systems that are used by many local
users. Simplest workaround for these systems will be mounting another
tmpfs in /run/user/ .
--
Jared Smith
Fedora Project Leader
--
Best regards,
Michal
http://eventhorizon.pl/