security bug (Re: Announcing the release of Fedora 15 Beta!!)
Michał Piotrowski
mkkp4x4 at gmail.com
Fri Apr 22 17:51:40 UTC 2011
W dniu 22 kwietnia 2011 19:00 użytkownik Jared K. Smith
<jsmith at fedoraproject.org> napisał:
> 2011/4/22 Michał Piotrowski <mkkp4x4 at gmail.com>:
>> I believe that users should be warned about problem described here
>> https://bugzilla.redhat.com/show_bug.cgi?id=693253
>>
>> It seems to me that it would be appropriate to write about it in
>> "Known Issues" in release notes.
>
> Thanks for the note.
>
> The suggestion that we add this to the "Known Issues" section of the
> release notes sounds very reasonable to me. Have you asked the Docs
> team to add it.
No, I did not. First I wanted to find out what do you think about this
idea. CC'ing docs ml.
>
> As the thread on the systemd-devel list (linked from the bug report
> you opened) suggests, there are *many* ways that local users can cause
> a local DoS by consuming resources. And yes, I agree that quota
> support for tmpfs is probably a good long-term solution, but I think
> we can all reasonably agree that quota support isn't going to be
> written and tested in time for Fedora 15, and that it's not worth
> postponing the release of Fedora 15 to wait for quota support.
Naturally. I never suggested postponing of the release :)
> Documenting it is the next best course of action, I think.
This problem can affect only systems that are used by many local
users. Simplest workaround for these systems will be mounting another
tmpfs in /run/user/ .
>
> --
> Jared Smith
> Fedora Project Leader
>
--
Best regards,
Michal
http://eventhorizon.pl/
More information about the docs
mailing list