Bad file access on the rise

Lennart Poettering mzerqung at 0pointer.de
Sun Jun 9 15:17:07 UTC 2013


On Fri, 07.06.13 22:33, Richard W.M. Jones (rjones at redhat.com) wrote:

> On Fri, Jun 07, 2013 at 06:55:46PM +0200, Lennart Poettering wrote:
> > User "simo" creates /dev/shm/1000/ even though 1000 is the UID of user
> > "lennart". Lennart can never start PA again, ever. And can't do anything
> > about it, because "simo" is in control, and /dev/shm is sticky.
> 
> For /run we create /run/user/<uid> in pam_systemd (I think?).
> Can we do the same for /dev/shm/<uid>?

There's no benefit in doing that.

/run/user is not world-writable. Hence creating this dir at login time
is totally safe, since only trusted code can create dirs in there. This
is different for /dev/shm which is world-writable, and where creating
dirs at login doesn't solve anything, because any unprivileged user
could easily create dirs for all users and then make it impossible to
log in for them.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
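
Added example, not part of the original message and not PulseAudio or systemd code: a C check a program could run before trusting <parent>/<uid>, since under a world-writable parent such as /dev/shm the directory may have been created by any local user, while under /run/user only trusted code can create it. The function names and the verdict enum are assumptions made for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

enum verdict { DIR_OK, DIR_MISSING, DIR_NOT_A_DIR, DIR_WRONG_OWNER, DIR_LOOSE_MODE, DIR_ERROR };

/* 1 if any local user may create entries in parent (the /dev/shm case), 0 if not, -1 on error. */
int anyone_can_create_in(const char *parent)
{
    struct stat st;
    if (stat(parent, &st) < 0 || !S_ISDIR(st.st_mode))
        return -1;
    return (st.st_mode & S_IWOTH) ? 1 : 0;
}

/* Judge parent/<uid> before trusting it as uid's private directory. */
enum verdict check_user_dir(const char *parent, uid_t uid)
{
    char path[4096];
    struct stat st;
    enum verdict v = DIR_OK;
    int n = snprintf(path, sizeof path, "%s/%lu", parent, (unsigned long)uid);
    if (n < 0 || (size_t)n >= sizeof path)
        return DIR_ERROR;
    /* Refuse a symlink or plain file planted under the expected name. */
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) {
        if (errno == ENOENT)
            return DIR_MISSING;
        if (errno == ENOTDIR || errno == ELOOP)
            return DIR_NOT_A_DIR;
        /* A squatter's 0700 directory cannot be opened, but lstat() shows its owner. */
        if (errno == EACCES && lstat(path, &st) == 0 && st.st_uid != uid)
            return DIR_WRONG_OWNER;
        return DIR_ERROR;
    }
    /* fstat() on the descriptor: the object checked is the object opened. */
    if (fstat(fd, &st) < 0)
        v = DIR_ERROR;
    else if (st.st_uid != uid)
        v = DIR_WRONG_OWNER;
    else if (st.st_mode & (S_IWGRP | S_IWOTH))
        v = DIR_LOOSE_MODE;
    close(fd); /* a real caller would keep fd and work through openat() */
    return v;
}
```

A DIR_WRONG_OWNER result only detects the situation described in the thread; the affected user still cannot remove the other user's directory from a sticky parent.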

