F15 - status of /run/user, /dev/shm, and potential for a DoS attack
jb.1234abcd at gmail.com
Wed May 18 09:41:03 UTC 2011
Adam Williamson <awilliam <at> redhat.com> writes:
> > Was that considered to be a blocker and a part of release criteria for F15 ?
> Nope. As discussed recently (I think, though I can't find it right now,
> if anyone has a link that'd be great) on the devel list, this isn't
> really anything new: just about any vaguely mainstream distro with a
> typical configuration is subject to any number of known DoS attacks from
> a local user account. I think it's accurate to say that Fedora doesn't
> really aim to make it impossible for a local user to DoS the system with
> an out of the box configuration, so it would not make sense to consider
> such situations release blocking.
The problems mentioned have system-wide effect.
But one of them is exceptionally important as it will expose systemd, the new
and all-important system and service manager, to that DoS attack.
Is Fedora's policy to ship a product that has a known, proven, and discussed
DoS attack venue with this potential implication ?
More information about the test