On Wed, 2011-05-18 at 06:31 +0000, JB wrote: > Hi, > > There are threads on this list and a Bugzilla report filed. > > Can somebody explain what is the current status of it with regard to F15 > release declared ready ? Yup, indeed there are. > The problem affects /run/user/ and /dev/shm. > As I understand they are a DoS capable attack venues. > There are separate temporary remedies offered for both problems, but they are > up to users themselves to apply. > > Was that considered to be a blocker and a part of release criteria for F15 ? Nope. As discussed recently (I think, though I can't find it right now, if anyone has a link that'd be great) on the devel list, this isn't really anything new: just about any vaguely mainstream distro with a typical configuration is subject to any number of known DoS attacks from a local user account. I think it's accurate to say that Fedora doesn't really aim to make it impossible for a local user to DoS the system with an out of the box configuration, so it would not make sense to consider such situations release blocking. > As the problem is known in advance, will it be part of an official release > announcement and Fedora documentation, describing it and how the users can > protect their machines thru a temporary remedy ? I don't know, if anyone else does, please speak up. I don't think it's mentioned in the release notes. It's generally worth having known DoS potentials documented somewhere or other, for those who really need to protect against local users, but I don't believe we have any formal policy for this, and it wouldn't really be a QA issue. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
