Bug 693253 - tmpfs need quota support to avoid local DoS on a new systems
tmpfs need quota support to avoid local DoS on a new systems
Status: NEW
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Kernel Maintainer List
Fedora Extras Quality Assurance
: FutureFeature
: 857297 902522 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-04-03 19:03 EDT by Michał Piotrowski
Modified: 2014-03-05 04:23 EST (History)
18 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Michał Piotrowski 2011-04-03 19:03:28 EDT
Hi,

There is a problem with /run/user/ and /dev/shm. Ordinary users can write to /run/user/<login> dirs filling entire free space. This can lead to local DoS.

Additional information can be found in this thread
http://lists.freedesktop.org/archives/systemd-devel/2011-April/thread.html#1839

Best regards,
Michal
Comment 1 Chuck Ebbert 2011-04-07 19:39:55 EDT
There's no way quota support for tmpfs can be ready in time for F15.
Comment 2 Michał Piotrowski 2011-04-08 01:31:10 EDT
I realize that it is not a 10 lines bugfix :)

Thanks for the consideration of the problem.
Comment 3 Will Woods 2011-05-09 20:42:19 EDT
I guess you're not expecting this to be fixed for F15, then? Moving to rawhide so the problem can be considered properly.
Comment 4 Matthias Runge 2011-05-10 05:14:25 EDT

-- 
Fedora Bugzappers volunteer triage team
https://fedoraproject.org/wiki/BugZappers
Comment 5 Josh Boyer 2012-09-14 10:13:26 EDT
*** Bug 857297 has been marked as a duplicate of this bug. ***
Comment 6 Josh Boyer 2013-01-22 15:49:51 EST
*** Bug 902522 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.