2011/5/9 Lennart Poettering <mzerqung@xxxxxxxxxxx>: > On Mon, 09.05.11 22:46, Michał Piotrowski (mkkp4x4@xxxxxxxxx) wrote: > >> >> 2011/5/9 Lennart Poettering <mzerqung@xxxxxxxxxxx>: >> > On Mon, 09.05.11 18:58, Michał Piotrowski (mkkp4x4@xxxxxxxxx) wrote: >> > >> >> >> Yes, mysql and postgresql are both certainly broken by this. Please >> >> >> send the info, I'll take care of those two. >> >> > >> >> > I'll create bug reports and send proposed patches later. >> >> > >> >> >> >> Patch for MySQL >> >> https://bugzilla.redhat.com/show_bug.cgi?id=703214 >> >> >> >> for PostgreSQL >> >> https://bugzilla.redhat.com/show_bug.cgi?id=703215 >> >> >> > >> > Urks. I would strongly suggest not to make changes like this by >> > default. These services should bind on 0.0.0.0 by default, which is >> > available without network. >> >> Ok, when it comes to me - I can fix that on my setup :) >> >> But what about other large systems? >> >> When it comes to systemd in F15 a few things should be documented in >> F15 release notes. /run vulnerability too. > > /run vulnerability? /run/user/ for accuracy https://bugzilla.redhat.com/show_bug.cgi?id=693253 > > Are you referring to the /dev/shm vulnerability? That's not really news... No, only for /run/user/ - because there is a simple workaround that can be used on affected systems if the administrator considers his system as vulnerable for malicious users. > > Lennart > > -- > Lennart Poettering - Red Hat, Inc. > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel -- Best regards, Michal http://eventhorizon.pl/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
