Re: Bad file access on the rise

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, 07.06.13 09:50, Steve Grubb (sgrubb@xxxxxxxxxx) wrote:

> Let's look at one of these pule-shm events:
> # ausearch --start today -k access -f pulse-shm -i --just-one
> ----
> type=PATH msg=audit(06/07/2013 07:13:46.377:215) : item=0 name=/dev/shm/pulse-
> shm-3756395503 inode=25089 dev=00:10 mode=file,400 ouid=gdm ogid=gdm rdev=00:00 
> obj=system_u:object_r:user_tmpfs_t:s0 
> type=CWD msg=audit(06/07/2013 07:13:46.377:215) :  cwd=/ 
> type=SYSCALL msg=audit(06/07/2013 07:13:46.377:215) : arch=x86_64 syscall=open 
> success=no exit=-13(Permission denied) a0=0x7fffbeda83c0 a1=O_RDONLY|
> O_NOFOLLOW|O_CLOEXEC a2=0x0 a3=0x0 items=1 ppid=2369 pid=2370 auid=sgrubb 
> uid=sgrubb gid=sgrubb euid=sgrubb suid=sgrubb fsuid=sgrubb egid=sgrubb 
> sgid=sgrubb fsgid=sgrubb ses=2 tty=(none) comm=pulseaudio 
> exe=/usr/bin/pulseaudio subj=unconfined_u:system_r:unconfined_t:s0 key=access 
> 
> So, gdm is creating a file 400 and pulse-audio can't open it. Is it suppose to 
> be like that?

Yes, it is.

POSIX shared memory doesn't define any useful scheme for automatic
removing of shared memory segments from /dev/shm after use. Hence, in
order to make sure that left-over segments don't fill up /dev/shm
forever PA will try to GC dead segments from /dev/shm on each
start-up. For that it iterates through /dev/shm/pulse-shm*, tries to
read the PID that is stored in there. When the PID still exists it goes
to the next file. If the PID doesn't exist it unlinks the file and then
goes to the next one. It's a simple scheme that works around the
limitations of POSIX shm. Of course /dev/shm is a single namespace for
all users, hence not all files can be opened, and that's totally cool
and expected, and they will be skipped.

Shared memory on Linux is a mess. Not automatic clean up, no quota
limits, it's a sad story. If you care about security and reliability, it
would be great doing something about this, so that arbitrary users
cannot DoS the system this easily anymore...

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux