W dniu 3 kwietnia 2011 22:39 użytkownik Lennart Poettering
<mzerqung(a)0pointer.de> napisał:
On Sun, 03.04.11 13:54, Lennart Poettering (mzerqung(a)0pointer.de)
wrote:
> On Sun, 03.04.11 13:10, Michał Piotrowski (mkkp4x4(a)gmail.com) wrote:
>
> > Hi,
> >
> > I can write to /run/user/michal in this way I can fill the entire free
> > tmpfs space which is not good from my POV.
>
> Yupp, this is trivially fixable by placing another tmpfs on /run/user,
> which can be done by installing a run-user.mount unit.
>
> We considered doing so by default, but stepped back a little, since we
> didn't want to add another tmpfs to the mix, just like that. But yeah,
> we probably should do that.
We have the same vulnerability on /dev/shm btw.
For now Kay and I are leaning to leaving things as they are for now, and
count on that the kernel folks add quota support to tmpfs one day, since
that appears the correct fix.
Of course it will be the best solution. But I doubt it will happen in
a next few weeks - so some temporary workaround for F15 would be
appreciated. It seems to me that this is a too serious problem to
release F15 without fixing/workarounding it somehow.
Lennart
--
Lennart Poettering - Red Hat, Inc.
--
Best regards,
Michal
http://eventhorizon.pl/