Bug 693253

Summary: tmpfs need quota support to avoid local DoS on a new systems
Product: [Fedora] Fedora Reporter: Michał Piotrowski <mkkp4x4>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: NEW --- QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: Bert.Deknuydt, danielbelton, fullung, gansalmon, groknok, hannsj_uhl, itamar, jonathan, kernel-maint, k.georgiou, kzak, lpoetter, madhu.chinakonda, martin, pollardwaldorf, samuel-rhbugs, wwoods, yersinia.spiros
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Michał Piotrowski 2011-04-03 19:03:28 EDT
Hi,

There is a problem with /run/user/ and /dev/shm. Ordinary users can write to /run/user/<login> dirs filling entire free space. This can lead to local DoS.

Additional information can be found in this thread
http://lists.freedesktop.org/archives/systemd-devel/2011-April/thread.html#1839

Best regards,
Michal
Comment 1 Chuck Ebbert 2011-04-07 19:39:55 EDT
There's no way quota support for tmpfs can be ready in time for F15.
Comment 2 Michał Piotrowski 2011-04-08 01:31:10 EDT
I realize that it is not a 10 lines bugfix :)

Thanks for the consideration of the problem.
Comment 3 Will Woods 2011-05-09 20:42:19 EDT
I guess you're not expecting this to be fixed for F15, then? Moving to rawhide so the problem can be considered properly.
Comment 4 Matthias Runge 2011-05-10 05:14:25 EDT

-- 
Fedora Bugzappers volunteer triage team
https://fedoraproject.org/wiki/BugZappers
Comment 5 Josh Boyer 2012-09-14 10:13:26 EDT
*** Bug 857297 has been marked as a duplicate of this bug. ***
Comment 6 Josh Boyer 2013-01-22 15:49:51 EST
*** Bug 902522 has been marked as a duplicate of this bug. ***