On Wed, Apr 08, 2020 at 11:08:41AM +0100, Kevin Chadwick wrote:
> On 2020-04-07 17:12, Andrew Grillet wrote:
> > For me, the "/var is full" problem can be adequately mitigated by mounting
> > a separate partition as /var/tmp.
>
> Does FFS2 have the same disklabel limit on partitions? I guess they
On 2020-04-07 17:12, Andrew Grillet wrote:
> For me, the "/var is full" problem can be adequately mitigated by mounting
> a separate partition as /var/tmp.
Does FFS2 have the same disklabel limit on partitions? I guess they are
unrelated.
Sometimes users may decide which mount points to edit out
On 4/7/20 6:05 PM, Stuart Henderson wrote:
fwiw my usual approach is to put /var/www on a separate filesystem ..
I do generally create a separate filesystem for /var/www/tmp (and
/var/www). But I feel this is the responsibility of whoever installs
stuff which will write in this directory t
On Tue, Apr 07, 2020 at 06:13:12PM +0200, Stefan Sperling wrote:
> For temp stuff we really need a separate space that can just be wiped
> without consequences when it has run full.
The way Got internally provides access to files in /tmp for every helper
process is to pass one or more open file de
For me, the "/var is full" problem can be adequately mitigated by mounting
a separate partition as /var/tmp.
More of an issue, although obviously not major - if there are a large
number of tmp directories, is making sure that they are all
routinely purged. Yes, I know this is down to careless admi
On Tue, Apr 07, 2020 at 05:05:08PM +0100, Stuart Henderson wrote:
> On 2020/04/07 18:01, Stefan Sperling wrote:
> > Yes, absolutely correct. Logs or tempfiles filling up /var are a problem,
> > and in the gotweb application Tracey and I created it is indeed possible
> > for requests to trigger larg
Stuart Henderson wrote:
> On 2020/04/07 18:01, Stefan Sperling wrote:
> > On Tue, Apr 07, 2020 at 09:51:15AM -0600, Theo de Raadt wrote:
> > > Stefan Sperling wrote:
> > >
> > > > On Tue, Apr 07, 2020 at 09:37:02AM -0600, Theo de Raadt wrote:
> > > > > > The idea was to have /var/www/tmp create
Stefan Sperling wrote:
> > A smaller secondary concern is if you can convince software using this
> > space,
> > from remote, to hog the space too much, and/or lose track of files in there.
> > Which would also create the fallout problems of "/var is full".
> >
> > It's a matter of how other /v
On 2020/04/07 18:01, Stefan Sperling wrote:
> On Tue, Apr 07, 2020 at 09:51:15AM -0600, Theo de Raadt wrote:
> > Stefan Sperling wrote:
> >
> > > On Tue, Apr 07, 2020 at 09:37:02AM -0600, Theo de Raadt wrote:
> > > > > The idea was to have /var/www/tmp created by default, but with
> > > > > www:w
On Tue, Apr 07, 2020 at 09:51:15AM -0600, Theo de Raadt wrote:
> Stefan Sperling wrote:
>
> > On Tue, Apr 07, 2020 at 09:37:02AM -0600, Theo de Raadt wrote:
> > > > The idea was to have /var/www/tmp created by default, but with
> > > > www:www ownership.
> >
> > > Create the directory. Now as
Stefan Sperling wrote:
> On Tue, Apr 07, 2020 at 09:37:02AM -0600, Theo de Raadt wrote:
> > > The idea was to have /var/www/tmp created by default, but with
> > > www:www ownership.
>
> > Create the directory. Now as a user, completely fill it.
>
> The proposal is to create tmp with www:www o
On Tue, Apr 07, 2020 at 09:37:02AM -0600, Theo de Raadt wrote:
> > The idea was to have /var/www/tmp created by default, but with
> > www:www ownership.
> Create the directory. Now as a user, completely fill it.
The proposal is to create tmp with www:www ownership, writable only for
that user,
Stuart Henderson wrote:
> On 2020/04/07 09:01, Theo de Raadt wrote:
> > This is horrible, as a user can fill the /var filesystem.
>
> they already can with /var/www/logs.
On my machines not running this software, they cannot cause any effect
on that directory.
The software utilization of 1% of
Tracey Emery wrote:
> On Tue, Apr 07, 2020 at 11:17:23AM -0400, Bryan Steele wrote:
> > On Tue, Apr 07, 2020 at 04:56:31PM +0200, Martijn van Duren wrote:
> > > This came up during u2k20 while discussing tempfiles for gotweb inside a
> > > chroot. At the moment we don't include it by default and
On 2020/04/07 09:01, Theo de Raadt wrote:
> This is horrible, as a user can fill the /var filesystem.
they already can with /var/www/logs.
On 2020/04/07 11:17, Bryan Steele wrote:
> WIth FastCGI, perhaps I'm confused, but why do web applications need to
> be inside the /var/www chroot? Can't they
On Tue, Apr 07, 2020 at 11:17:23AM -0400, Bryan Steele wrote:
> On Tue, Apr 07, 2020 at 04:56:31PM +0200, Martijn van Duren wrote:
> > This came up during u2k20 while discussing tempfiles for gotweb inside a
> > chroot. At the moment we don't include it by default and ports have to
> > create it th
On Tue, Apr 07, 2020 at 04:56:31PM +0200, Martijn van Duren wrote:
> This came up during u2k20 while discussing tempfiles for gotweb inside a
> chroot. At the moment we don't include it by default and ports have to
> create it themselves. Since I assume we want web applications to run
> inside a /v
This is horrible, as a user can fill the /var filesystem.
That is why we got rid of /var/tmp before, and tried to reduce the risk on
/tmp. Now you want to bring the problem back.
Martijn van Duren wrote:
> This came up during u2k20 while discussing tempfiles for gotweb inside a
> chroot. At th
This came up during u2k20 while discussing tempfiles for gotweb inside a
chroot. At the moment we don't include it by default and ports have to
create it themselves. Since I assume we want web applications to run
inside a /var/www chroot as much as possible and even some libc
functions depend on /t
19 matches
Mail list logo