From: Adam Heath <doogie@de...> - 2001-10-05 18:43:30
I started using user-mode-linux yesterday after 6 months, and was quite
impressed with what has been accomplished. However, there is a big problem,
that could actually cause a DoS.
UML places all files in /tmp. Both temporary vm files, and pid/mconsole
files. The latter are not that big a problem(ssh does the same thing). The
former, however, is very bad.
I have /tmp on /, which is only 100 megs. When I reran uml-linux(my own
compiled version), I suddenly ran out of disk space. However, du didn't show
the files(lsof did). My fix was to remove the hard-coded directory from the
code, which means that mkstemp would place them in $CWD.
Wouldn't it be better to honor $TMP or $TEMP?
From: Adam Heath <adam@do...> - 2001-10-05 23:52:30
I just noticed that the unlinked file descriptor for temp files is given the
perms of 777. I consider that a security hole.
I see no reason for +x at all. g+w can be argued, it depends on the local
How about I make this a command line option as well?
Get latest updates about Open Source Projects, Conferences and News.