Bug 693253

Summary: tmpfs needs quota support to avoid local DoS on new systems
Product: [Fedora] Fedora
Reporter: Michał Piotrowski <mkkp4x4>
Component: kernel
Assignee: Kernel Maintainer List <kernel-maint>
Status: NEW
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Docs Contact:
Priority: unspecified
Version: rawhide
CC: Bert.Deknuydt, danielbelton, extras-qa, fullung, gansalmon, groknok, itamar, jonathan, kernel-maint, k.georgiou, kzak, lherbolt, lpoetter, madhu.chinakonda, martin, pollardwaldorf, samuel-rhbugs, wwoods, yersinia.spiros
Target Milestone: ---
Keywords: FutureFeature
Target Release: ---
Flags: lherbolt: needinfo? (extras-qa)
Hardware: Unspecified
OS: Unspecified
Doc Type: Enhancement

Description Michał Piotrowski 2011-04-03 23:03:28 UTC
Hi,

There is a problem with /run/user/ and /dev/shm. Ordinary users can write to /run/user/<login> dirs, filling the entire free space. This can lead to local DoS.

Additional information can be found in this thread
http://lists.freedesktop.org/archives/systemd-devel/2011-April/thread.html#1839

Best regards,
Michal

Comment 1 Chuck Ebbert 2011-04-07 23:39:55 UTC
There's no way quota support for tmpfs can be ready in time for F15.

Comment 2 Michał Piotrowski 2011-04-08 05:31:10 UTC
I realize that it is not a 10-line bugfix :)

Thanks for the consideration of the problem.

Comment 3 Will Woods 2011-05-10 00:42:19 UTC
I guess you're not expecting this to be fixed for F15, then? Moving to rawhide so the problem can be considered properly.

Comment 4 Matthias Runge 2011-05-10 09:14:25 UTC

-- 
Fedora Bugzappers volunteer triage team
https://fedoraproject.org/wiki/BugZappers

Comment 5 Josh Boyer 2012-09-14 14:13:26 UTC
*** Bug 857297 has been marked as a duplicate of this bug. ***

Comment 6 Josh Boyer 2013-01-22 20:49:51 UTC
*** Bug 902522 has been marked as a duplicate of this bug. ***

Comment 7 Lukas Herbolt 2019-08-29 08:04:22 UTC
So f15 is history, any news about this bug/rfe?

Comment 8 Jesse Pollard 2019-08-29 11:09:10 UTC
No change in tmpfs.

What has changed is that Fedora now creates a tmpfs for each /run/user/<uid> login with a maximum size.

This mitigation sort of covers up the problem.

The /dev/shm issue appears to still be present.
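
The mount-level situation described in Comment 8, as an added example that is not part of the original bug report: a shell function that reads /proc/mounts-format lines and reports, for each tmpfs, its size cap and whether every local user can write to it. The function names `audit_tmpfs` and `sample_mounts`, the output format and the sample mount table are this example's own; the sample lines are constructed.

```shell
#!/bin/sh
# Added example: classify tmpfs mounts by size cap and by who can fill them.
# Input: lines in /proc/mounts format (device mountpoint fstype options dump pass).
# The kernel leaves size= and mode= out of /proc/mounts when they equal the
# tmpfs defaults (half of RAM, mode 1777), so a missing option means "default".

audit_tmpfs() {
    # $1: file to read; reads standard input when omitted
    awk '$3 == "tmpfs" {
        size = "kernel-default"; mode = "1777"; uid = "0"
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {
            if (opt[i] ~ /^size=/)      size = substr(opt[i], 6)
            else if (opt[i] ~ /^mode=/) mode = substr(opt[i], 6)
            else if (opt[i] ~ /^uid=/)  uid  = substr(opt[i], 5)
        }
        # Last octal digit of the mode: write bit (2) set means any user
        # can create files in the mount root and consume the shared cap.
        other = substr(mode, length(mode), 1) + 0
        if (other == 2 || other == 3 || other == 6 || other == 7)
            who = "shared"
        else
            who = ("uid=" uid)
        print $2, size, who
    }' "${1:--}"
}

# Constructed sample mount table (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /run tmpfs rw,nosuid,nodev,size=803244k,mode=755 0 0
tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=401620k,mode=700,uid=1000,gid=1000 0 0
EOF
}

# Columns: mountpoint, size cap, who can write to the mount root.
sample_mounts | audit_tmpfs
```

On a live system, `audit_tmpfs /proc/mounts` gives the same report; a line ending in `shared` is a tmpfs where the size cap is the only limit and it applies to all users together.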