W dniu 3 kwietnia 2011 22:39 użytkownik Lennart Poettering mzerqung@0pointer.de napisał:
On Sun, 03.04.11 13:54, Lennart Poettering (mzerqung@0pointer.de) wrote:
On Sun, 03.04.11 13:10, Michał Piotrowski (mkkp4x4@gmail.com) wrote:
Hi,
I can write to /run/user/michal in this way I can fill the entire free tmpfs space which is not good from my POV.
Yupp, this is trivially fixable by placing another tmpfs on /run/user, which can be done by installing a run-user.mount unit.
We considered doing so by default, but stepped back a little, since we didn't want to add another tmpfs to the mix, just like that. But yeah, we probably should do that.
We have the same vulnerability on /dev/shm btw.
For now Kay and I are leaning to leaving things as they are for now, and count on that the kernel folks add quota support to tmpfs one day, since that appears the correct fix.
Of course it will be the best solution. But I doubt it will happen in a next few weeks - so some temporary workaround for F15 would be appreciated. It seems to me that this is a too serious problem to release F15 without fixing/workarounding it somehow.
Lennart
-- Lennart Poettering - Red Hat, Inc.