F15 - status of /run/user, /dev/shm, and potential for a DoS attack

Michał Piotrowski mkkp4x4 at gmail.com
Wed May 18 07:40:58 UTC 2011


2011/5/18 JB <jb.1234abcd at gmail.com>:
> Hi,
> There are threads on this list and a Bugzilla report filed.
> Can somebody explain what is the current status of it with regard to F15
> release declared ready ?
> The problem affects /run/user/ and /dev/shm.
> As I understand they are a DoS capable attack venues.
> There are separate temporary remedies offered for both problems, but they are
> up to users themselves to apply.

You can mount another tmpfs in /run/user/ to reduce the scale of
potential DoS on /run directory.

There is no effective way to prevent /dev/shm DoS - so I asked about
adding quota support for tmpfs - which will help to resolve these

> Was that considered to be a blocker and a part of release criteria for F15 ?

I never claimed that it should be.

> As the problem is known in advance, will it be part of an official release
> announcement and Fedora documentation, describing it and how the users can
> protect their machines thru a temporary remedy ?
> JB
> --
> test mailing list
> test at lists.fedoraproject.org
> To unsubscribe:
> https://admin.fedoraproject.org/mailman/listinfo/test

Best regards,


More information about the test mailing list