On Mon, 09.05.11 23:54, Michał Piotrowski (mkkp4x4@xxxxxxxxx) wrote:

>
> 2011/5/9 Lennart Poettering <mzerqung@xxxxxxxxxxx>:
> > On Mon, 09.05.11 22:46, Michał Piotrowski (mkkp4x4@xxxxxxxxx) wrote:
> >
> >>
> >> 2011/5/9 Lennart Poettering <mzerqung@xxxxxxxxxxx>:
> >> > On Mon, 09.05.11 18:58, Michał Piotrowski (mkkp4x4@xxxxxxxxx) wrote:
> >> >
> >> >> >> Yes, mysql and postgresql are both certainly broken by this. Please
> >> >> >> send the info, I'll take care of those two.
> >> >> >
> >> >> > I'll create bug reports and send proposed patches later.
> >> >> >
> >> >>
> >> >> Patch for MySQL
> >> >> https://bugzilla.redhat.com/show_bug.cgi?id=703214
> >> >>
> >> >> for PostgreSQL
> >> >> https://bugzilla.redhat.com/show_bug.cgi?id=703215
> >> >>
> >> >
> >> > Urks. I would strongly suggest not to make changes like this by
> >> > default. These services should bind on 0.0.0.0 by default, which is
> >> > available without network.
> >>
> >> Ok, when it comes to me - I can fix that on my setup :)
> >>
> >> But what about other large systems?
> >>
> >> When it comes to systemd in F15 a few things should be documented in
> >> F15 release notes. /run vulnerability too.
> >
> > /run vulnerability?
>
> /run/user/ for accuracy
> https://bugzilla.redhat.com/show_bug.cgi?id=693253
>
> >
> > Are you referring to the /dev/shm vulnerability? That's not really news...
>
> No, only for /run/user/ - because there is a simple workaround that
> can be used on affected systems if the administrator considers his
> system as vulnerable for malicious users.

Again, we had /dev/shm for years on Linux. This weakness in the security
model is not news, not at all.

Lennart

--
Lennart Poettering - Red Hat, Inc.