informations about boot sequence (Re: F15 - mysql start problem)
Lennart Poettering
mzerqung at 0pointer.de
Mon May 9 22:49:06 UTC 2011
On Mon, 09.05.11 23:54, Michał Piotrowski (mkkp4x4 at gmail.com) wrote:
>
> 2011/5/9 Lennart Poettering <mzerqung at 0pointer.de>:
> > On Mon, 09.05.11 22:46, Michał Piotrowski (mkkp4x4 at gmail.com) wrote:
> >
> >>
> >> 2011/5/9 Lennart Poettering <mzerqung at 0pointer.de>:
> >> > On Mon, 09.05.11 18:58, Michał Piotrowski (mkkp4x4 at gmail.com) wrote:
> >> >
> >> >> >> Yes, mysql and postgresql are both certainly broken by this. Please
> >> >> >> send the info, I'll take care of those two.
> >> >> >
> >> >> > I'll create bug reports and send proposed patches later.
> >> >> >
> >> >>
> >> >> Patch for MySQL
> >> >> https://bugzilla.redhat.com/show_bug.cgi?id=703214
> >> >>
> >> >> for PostgreSQL
> >> >> https://bugzilla.redhat.com/show_bug.cgi?id=703215
> >> >>
> >> >
> >> > Urks. I would strongly suggest not to make changes like this by
> >> > default. These services should bind on 0.0.0.0 by default, which is
> >> > available without network.
> >>
> >> Ok, when it comes to me - I can fix that on my setup :)
> >>
> >> But what about other large systems?
> >>
> >> When it comes to systemd in F15 a few things should be documented in
> >> F15 release notes. /run vulnerability too.
> >
> > /run vulnerability?
>
> /run/user/ for accuracy
> https://bugzilla.redhat.com/show_bug.cgi?id=693253
>
> >
> > Are you referring to the /dev/shm vulnerability? That's not really news...
>
> No, only for /run/user/ - because there is a simple workaround that
> can be used on affected systems if the administrator considers his
> system as vulnerable for malicious users.
Again, we had /dev/shm for years on Linux. This weakness in the security
model is not news, not at all.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the devel
mailing list