Local users get to play root?
Casey Dahlin
cdahlin at redhat.com
Wed Nov 18 19:21:31 UTC 2009
On 11/18/2009 02:10 PM, Seth Vidal wrote:
>
>
> On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
>
>> 2009/11/18 Casey Dahlin <cdahlin at redhat.com>:
>>> On 11/18/2009 01:22 PM, James Antill wrote:
>>>>
>>>> 3. Are there any attacks due to disk space used? Eg. If /var is low² I
>>>> can probably install enough pkgs to make logging stop.
>>>>
>>>
>>> I'm betting there's still enough systems out there without enough
>>> space in /usr for the entire package set.
>>
>> That's kind of a silly exercise in what-ifs. The default anaconda
>> partition scheme is /boot, <swap>, and /. If someone wanted to fill up
>> the disk, they can just write to /tmp on a default install.
>
> well - except for the 5% reserved for root :)
>
> -sv
>
Which isn't safe from this since ultimately its root doing the install on the unprivileged user's behalf.
--CJD
More information about the devel
mailing list