On Sun, May 03, 2009 at 05:12:01PM +0200, Aurelien Jarno wrote:
> Package: schroot
> Version: 1.2.2-1
> Severity: important
> Tags: security patch
>
> In script mode, schroot mounts a new tmpfs (with a default size of half
> the RAM) to act as /dev/shm inside the chroot and for each created
> chroot (a user can create more than one), as shown below. Those
> directories are world writable, meaning that a user can fill them, and
> with them RAM and swap. As soon as the whole RAM and swap have been
> filled, the kernel starts OOM killing every task, leading to a crash
> of the machine.

This is also the case for /lib/init/rw. There should really be a strict
size limit placed on it (even on the host). #390184 BTW.

> The correct solution here is to bind mount /dev/shm, as it is already
> done for /home, /tmp and /dev/pts. The patch below does that:

We share /home, /tmp for user convenience. We share /dev/pts because
there's no choice (we could mount it twice but it's pointless).
For /dev/shm we are sharing the POSIX SHM and SEM data between host and
chroot. My question here is, do we want to share that data?

I'm perfectly happy with the patch, I just want to question whether
sharing shared memory is needed or desirable.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
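
An added example, not part of this thread or of schroot's code: a small audit that reads mount entries in /proc/mounts format, reports every tmpfs without an explicit size= limit (the kernel then defaults to half of RAM per mount), and checks whether the combined worst case exceeds RAM plus swap. The sample entries, the /srv/chroot-sessions paths and the RAM and swap figures are constructed for illustration.

```python
# Added example: audit tmpfs mounts for missing size limits.
# SAMPLE_MOUNTS is constructed data in /proc/mounts format; the
# /srv/chroot-sessions paths are hypothetical, not schroot's real layout.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext3 rw,errors=remount-ro 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /lib/init/rw tmpfs rw,nosuid,mode=755 0 0
tmpfs /srv/chroot-sessions/s1/dev/shm tmpfs rw 0 0
tmpfs /srv/chroot-sessions/s2/dev/shm tmpfs rw 0 0
tmpfs /mnt/scratch tmpfs rw,size=5120k 0 0
"""
RAM = 2 << 30    # constructed: 2 GiB of RAM
SWAP = 1 << 30   # constructed: 1 GiB of swap
SUFFIX = {"k": 1 << 10, "m": 1 << 20, "g": 1 << 30}


def parse_size(value, ram_bytes):
    """Convert a tmpfs size= value (bytes, k/m/g suffix, or N%) to bytes."""
    value = value.strip().lower()
    if value.endswith("%"):
        return ram_bytes * int(value[:-1]) // 100
    if value[-1] in SUFFIX:
        return int(value[:-1]) * SUFFIX[value[-1]]
    return int(value)


def audit_tmpfs(mounts_text, ram_bytes, swap_bytes):
    """Return (findings, worst_case_bytes, exceeds_ram_plus_swap).

    Each finding is (mount_point, worst_case_bytes, has_limit), where
    has_limit is True only for an explicit, non-zero size= option.
    """
    findings, worst_case = [], 0
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "tmpfs":
            continue
        opts = dict(o.partition("=")[::2] for o in fields[3].split(","))
        if "size" not in opts:
            limit, has_limit = ram_bytes // 2, False  # kernel default
        else:
            limit = parse_size(opts["size"], ram_bytes)
            has_limit = limit > 0
            if not has_limit:                         # size=0: no limit
                limit = ram_bytes + swap_bytes
        worst_case += limit
        findings.append((fields[1], limit, has_limit))
    return findings, worst_case, worst_case > ram_bytes + swap_bytes


if __name__ == "__main__":
    found, total, over = audit_tmpfs(SAMPLE_MOUNTS, RAM, SWAP)
    for point, limit, has_limit in found:
        print(f"{point}: {limit >> 20} MiB", "" if has_limit else "(no size= set)")
    print(f"worst case {total >> 20} MiB, exceeds RAM+swap: {over}")
```

On a live host the same function can be fed the contents of /proc/mounts together with the MemTotal and SwapTotal values from /proc/meminfo.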