Re: FTBFS if "-Werror=format-security" flag is used

Fri, 06 Dec 2013 07:03:10 -0800 

On 12/06/2013 02:57 PM, Reindl Harald wrote:


Am 06.12.2013 14:08, schrieb Ralf Corsepius:

On 12/06/2013 10:43 AM, Reindl Harald wrote:


Am 06.12.2013 10:37, schrieb Ralf Corsepius:

IMO, -Wformat-security is almost negibile in comparison to these and you
are making way too much noise about it than it deserves.


http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=format+string [*]


Yeah, a vulnerability - So what?

I'd guess the number and severity of vulnerabilities caused by TmpOnTmpfs


how should TmpOnTmpfs cause a vulerability?
the opposite is true


TmpOnTmpfs is magitudes smaller than a traditional /tmp on /


yes, i am also not a fan of this default, see the list-archives
people who know and care about tmpfs did it long ago for their workloads
the improved performance is a urban legend for common workloads


This causes programs/packages which are assuming an "almost infinitely sized 
/tmp" to easily
fill up a small /tmp, and thus the system to choke.


which is not really a *security* problem



In first place it's a denial of service problem. Once /tmp is filled up 
all kind of weird issues pop up and are causing all kind of malfunctions.



2 Real world examples I've encountered with fedora 18 and 19:
* https://bugzilla.redhat.com/show_bug.cgi?id=971878
This one usually kills an individual's system.


see my comment https://bugzilla.redhat.com/show_bug.cgi?id=971878#c1

still not a security problem per se

Correct, it's a DOS problem.


* https://bugzilla.redhat.com/show_bug.cgi?id=1006658
This means one means using "convert" on webserver allows arbitrary users on the 
web to kill servers


if arbitary users are allowed to call CLI applications from a webserver

?!? Calling cli-tools underneath of webservices is the norm on many 
webservers. Often these calls are wrapped into scripting languages, be 
they perl, python or php.



you have a security problem and that is for sure *not* TmpOnTmpfs

TmpOnTmpfs opens opportunities for DOS attacks which do not exist with 
TmpOnFS.


Ralf



--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct






















					Reply via email to