Bug 693253 - tmpfs need quota support to avoid local DoS on a new systems [NEEDINFO]
Summary: tmpfs need quota support to avoid local DoS on a new systems
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
: 857297 902522 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2011-04-03 23:03 UTC by Michał Piotrowski
Modified: 2019-08-29 11:09 UTC (History)
20 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Last Closed:
Type: ---
lherbolt: needinfo? (extras-qa)

Attachments (Terms of Use)

Description Michał Piotrowski 2011-04-03 23:03:28 UTC

There is a problem with /run/user/ and /dev/shm. Ordinary users can write to /run/user/<login> dirs filling entire free space. This can lead to local DoS.

Additional information can be found in this thread

Best regards,

Comment 1 Chuck Ebbert 2011-04-07 23:39:55 UTC
There's no way quota support for tmpfs can be ready in time for F15.

Comment 2 Michał Piotrowski 2011-04-08 05:31:10 UTC
I realize that it is not a 10 lines bugfix :)

Thanks for the consideration of the problem.

Comment 3 Will Woods 2011-05-10 00:42:19 UTC
I guess you're not expecting this to be fixed for F15, then? Moving to rawhide so the problem can be considered properly.

Comment 4 Matthias Runge 2011-05-10 09:14:25 UTC

Fedora Bugzappers volunteer triage team

Comment 5 Josh Boyer 2012-09-14 14:13:26 UTC
*** Bug 857297 has been marked as a duplicate of this bug. ***

Comment 6 Josh Boyer 2013-01-22 20:49:51 UTC
*** Bug 902522 has been marked as a duplicate of this bug. ***

Comment 7 Lukas Herbolt 2019-08-29 08:04:22 UTC
So f15 is history, any news about this bug/rfe?

Comment 8 Jesse Pollard 2019-08-29 11:09:10 UTC
No change in tmpfs.

What has changed is that Fedora now creates a tmpfs for each /run/user/<uid> login with a maximum size.

This mitigation sort of covers up the problem.

the /dev/shm issue appears to still be present.

Note You need to log in before you can comment on or make changes to this bug.