693253 – tmpfs need quota support to avoid local DoS on a new systems

Bug 693253 - tmpfs need quota support to avoid local DoS on a new systems [NEEDINFO]

Summary: tmpfs need quota support to avoid local DoS on a new systems

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kernel
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Kernel Maintainer List
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	857297 902522 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-04-03 23:03 UTC by Michał Piotrowski
Modified:	2021-06-18 07:19 UTC (History)
CC List:	19 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:
Flags:	lherbolt: needinfo? (extras-qa)

Attachments	(Terms of Use)

Description Michał Piotrowski 2011-04-03 23:03:28 UTC

Hi,

There is a problem with /run/user/ and /dev/shm. Ordinary users can write to /run/user/<login> dirs filling entire free space. This can lead to local DoS.

Additional information can be found in this thread
http://lists.freedesktop.org/archives/systemd-devel/2011-April/thread.html#1839

Best regards,
Michal

Comment 1 Chuck Ebbert 2011-04-07 23:39:55 UTC

There's no way quota support for tmpfs can be ready in time for F15.

Comment 2 Michał Piotrowski 2011-04-08 05:31:10 UTC

I realize that it is not a 10 lines bugfix :)

Thanks for the consideration of the problem.

Comment 3 Will Woods 2011-05-10 00:42:19 UTC

I guess you're not expecting this to be fixed for F15, then? Moving to rawhide so the problem can be considered properly.

Comment 4 Matthias Runge 2011-05-10 09:14:25 UTC


-- 
Fedora Bugzappers volunteer triage team
https://fedoraproject.org/wiki/BugZappers

Comment 5 Josh Boyer 2012-09-14 14:13:26 UTC

*** Bug 857297 has been marked as a duplicate of this bug. ***

Comment 6 Josh Boyer 2013-01-22 20:49:51 UTC

*** Bug 902522 has been marked as a duplicate of this bug. ***

Comment 7 Lukas Herbolt 2019-08-29 08:04:22 UTC

So f15 is history, any news about this bug/rfe?

Comment 8 Jesse Pollard 2019-08-29 11:09:10 UTC

No change in tmpfs.

What has changed is that Fedora now creates a tmpfs for each /run/user/<uid> login with a maximum size.

This mitigation sort of covers up the problem.

the /dev/shm issue appears to still be present.

Note You need to log in before you can comment on or make changes to this bug.