F15 - status of /run/user, /dev/shm, and potential for a DoS attack
Michał Piotrowski
mkkp4x4 at gmail.com
Wed May 18 07:40:58 UTC 2011
Hi
2011/5/18 JB <jb.1234abcd at gmail.com>:
> Hi,
>
> There are threads on this list and a Bugzilla report filed.
>
> Can somebody explain what is the current status of it with regard to F15
> release declared ready ?
>
> The problem affects /run/user/ and /dev/shm.
> As I understand they are a DoS capable attack venues.
> There are separate temporary remedies offered for both problems, but they are
> up to users themselves to apply.
You can mount another tmpfs in /run/user/ to reduce the scale of
potential DoS on /run directory.
There is no effective way to prevent /dev/shm DoS - so I asked about
adding quota support for tmpfs - which will help to resolve these
problems.
>
> Was that considered to be a blocker and a part of release criteria for F15 ?
I never claimed that it should be.
>
> As the problem is known in advance, will it be part of an official release
> announcement and Fedora documentation, describing it and how the users can
> protect their machines thru a temporary remedy ?
>
> JB
>
>
> --
> test mailing list
> test at lists.fedoraproject.org
> To unsubscribe:
> https://admin.fedoraproject.org/mailman/listinfo/test
>
--
Best regards,
Michal
http://eventhorizon.pl/
More information about the test
mailing list