On Sun, May 8, 2011 at 4:58 PM, Dave Reisner <d@falconindy.com> wrote:

On Sun, May 08, 2011 at 04:50:32PM +0200, Pierre Schmitz wrote:

...

Looks like /run is writable by every user but also limited to 10MB. This way you can run a dos attack on the system by filling this fs; even by accident. Do we really need write access by every user?

This is not intentional. /run itself should be writable only by root: rc.sysinit: /bin/mount -n -t tmpfs tmpfs /run -o mode=755,size=10M,nosuid,noexec,nodev However, this needs to be changed in mkinitcpio, which now sets "mode=1777". The attached patch should do it. The problem is what to do with /run/lock (not yet released, but same problem applies to /var/lock), where we will have the same problem. At the moment /var/lock is 1777 which allows people to fill it up (regardless of any limits or if it is tmpfs or not, I think). This is only needed by some legacy apps, and the solution others have used is to introduce the "lock" group for these apps and let them use the folder /var/lock/lockdev which is root:lock 775, while /var/lock (or /run/lock) is root:root and 755. Do you think this is something we could conceivably do? Anyone has any idea of how many packages/how much work would be involved?

Yeah, this was discussed on systemd-devel:

http://lists.freedesktop.org/archives/systemd-devel/2011-April/001839.html

The short version is: there was no solution proposed that seems applicable to us.

This discussion was about /run/user (if I understood correctly) which we do not implement (unless I missed it...). -t

On Sun, May 8, 2011 at 6:40 PM, Thomas Bächler <thomas@archlinux.org> wrote:

...

However, this needs to be changed in mkinitcpio, which now sets "mode=1777". The attached patch should do it.

I asked around when I added the patch, and Dave specifically told me to give it the 777 mode.

Ok. Sorry, must have missed the discussion. Dave, what was the reason for the 777? Cheers, Tom