F15 - status of /run/user, /dev/shm, and potential for a DoS attack

JB jb.1234abcd at gmail.com
Wed May 18 09:41:03 UTC 2011


Adam Williamson <awilliam <at> redhat.com> writes:

> ... 
> > Was that considered to be a blocker and a part of release criteria for F15 ?
> 
> Nope. As discussed recently (I think, though I can't find it right now,
> if anyone has a link that'd be great) on the devel list, this isn't
> really anything new: just about any vaguely mainstream distro with a
> typical configuration is subject to any number of known DoS attacks from
> a local user account. I think it's accurate to say that Fedora doesn't
> really aim to make it impossible for a local user to DoS the system with
> an out of the box configuration, so it would not make sense to consider
> such situations release blocking.
> ...

The problems mentioned have system-wide effect.

But one of them is exceptionally important as it will expose systemd, the new 
and all-important system and service manager, to that DoS attack.

Is Fedora's policy to ship a product that has a known, proven, and discussed 
DoS attack venue with this potential implication ?

JB




More information about the test mailing list