Bad file access on the rise

Bill Nottingham notting at redhat.com
Fri Jun 7 18:39:36 UTC 2013


Lennart Poettering (mzerqung at 0pointer.de) said: 
> Yes, it is.
> 
> POSIX shared memory doesn't define any useful scheme for automatic
> removing of shared memory segments from /dev/shm after use. Hence, in
> order to make sure that left-over segments don't fill up /dev/shm
> forever PA will try to GC dead segments from /dev/shm on each
> start-up. For that it iterates through /dev/shm/pulse-shm*, tries to
> read the PID that is stored in there. When the PID still exists it goes
> to the next file. If the PID doesn't exist it unlinks the file and then
> goes to the next one. It's a simple scheme that works around the
> limitations of POSIX shm. Of course /dev/shm is a single namespace for
> all users, hence not all files can be opened, and that's totally cool
> and expected, and they will be skipped.
> 
> Shared memory on Linux is a mess. No automatic clean up, no quota
> limits, it's a sad story. If you care about security and reliability, it
> would be great doing something about this, so that arbitrary users
> cannot DoS the system this easily anymore...

Any reason we don't run with namespaced /dev/shm vis-a-vis private /tmp?

Bill
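
The start-up garbage collection described in the quoted message, sketched in C as an added example (not PulseAudio's code and not written by either poster). It assumes, for illustration only, that each segment file begins with its owner's PID as decimal text; `gc_dead_segments` and `owner_alive` are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumption: a segment file starts with its owner's PID as decimal text. */
static int owner_alive(pid_t pid) {
    /* Signal 0 only probes. EPERM means the PID exists under another user. */
    return kill(pid, 0) == 0 || errno == EPERM;
}

/* Unlink pulse-shm* files in dir whose owner PID no longer exists.
 * Returns the number removed, or -1 if dir cannot be opened. */
int gc_dead_segments(const char *dir) {
    DIR *d = opendir(dir);
    if (!d) return -1;
    int removed = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (strncmp(e->d_name, "pulse-shm", 9) != 0) continue;
        /* The directory is shared by all users: never follow a symlink. */
        int fd = openat(dirfd(d), e->d_name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
        if (fd < 0) continue;              /* not ours to open: skip it */
        char buf[32] = {0};
        ssize_t n = read(fd, buf, sizeof buf - 1);
        close(fd);
        if (n <= 0) continue;
        char *end;
        long pid = strtol(buf, &end, 10);
        /* Reject junk and values that kill() treats as process groups. */
        if (end == buf || pid <= 0 || pid > INT_MAX) continue;
        if (owner_alive((pid_t)pid)) continue;
        if (unlinkat(dirfd(d), e->d_name, 0) == 0) removed++;
    }
    closedir(d);
    return removed;
}
```

Files that cannot be opened, symlinks, and files without a parsable PID are all left in place, which matches the "they will be skipped" behaviour in the quoted description.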

