Re: [systemd-devel] /run DoS

2011/4/3 Kay Sievers <kay.sievers@xxxxxxxx>:
> 2011/4/3 Lennart Poettering <mzerqung@xxxxxxxxxxx>:
>> On Sun, 03.04.11 23:28, Michał Piotrowski (mkkp4x4@xxxxxxxxx) wrote:
>>
>>> > But for /dev/shm I see no quick fix... do you?
>>>
>>> Unfortunately not. No one foresaw that quota support on tmpfs will
>>> someday be useful :)
>>>
>>> >
>>> > I think we should fix either both or should wait for the proper fix by
>>> > the kernel.
>>>
>>> Can you temporarily fix one?
>>
>> Well, of course we could.
>>
>> But, think about it, what does this help? The vulnerability doesn't go
>> away by doing this, and we'd have a temporary hack in there, that we'd
>> have to remove later on again.
>
> Systems that might run into problems with /dev/shm can just add limits
> to /etc/fstab, and systemd will re-mount it and apply them.
>
> There should really be a _proper_ solution some day, be it quota or
> something else. We have way too many /tmp-like dirs, where users can
> just leave their crap behind and cause problems. This is really
> nothing new with systemd.

I'm not saying that systemd is guilty of anything here :) Introduction
of /run dir just introduced yet another problem that can be used by
malicious users. I know that the most appropriate solution would be to
fix tmpfs but before it happens this problem can be used many times to
piss off admins and other system users.

>
> Kay
>



-- 
Best regards,
Michal

http://eventhorizon.pl/
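
The fstab limits Kay mentions above, as an added example that is not part of the original thread: a shell function that lists tmpfs mount points in an fstab-format file that carry no explicit `size=` option. The watched mount points, the reason labels and the sample fstab are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report tmpfs mount points without an explicit size= limit
# in an fstab-format file. Watched mount points with no tmpfs entry at all
# are reported too, since they keep whatever options the system mounts
# them with by default.

# Assumption: the user-writable tmpfs directories named in this thread.
WATCH="/dev/shm /run"

# unlimited_tmpfs FILE -> prints one "mountpoint reason" line per finding
unlimited_tmpfs() {
    awk -v watch="$WATCH" '
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        $3 == "tmpfs" {
            seen[$2] = 1
            n = split($4, opt, ",")
            limited = 0
            for (i = 1; i <= n; i++)
                if (opt[i] ~ /^size=/) limited = 1
            if (!limited) print $2, "no-size-option"
        }
        END {
            m = split(watch, w, " ")
            for (i = 1; i <= m; i++)
                if (!(w[i] in seen)) print w[i], "not-in-fstab"
        }
    ' "$1"
}

# Constructed sample fstab, not taken from any real system.
sample_fstab() {
    cat <<'EOF'
# <device> <mountpoint> <type> <options> <dump> <pass>
/dev/sda1  /         ext4   defaults                          1 1
tmpfs      /dev/shm  tmpfs  defaults,size=256m,nr_inodes=64k  0 0
tmpfs      /tmp      tmpfs  defaults,noexec,nosuid            0 0
EOF
}

# Run with --demo to audit the constructed sample.
if [ "${1:-}" = "--demo" ]; then
    f=$(mktemp) && sample_fstab > "$f" && unlimited_tmpfs "$f"; rm -f "$f"
fi
```

On a real system, pass `/etc/fstab` as the argument to `unlimited_tmpfs`.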