Old 05-28-2008, 07:26 AM   #1
GazL
/dev/shm


Having just gotten around to installing 12.1, I've noticed that I've gained a /dev/shm tmpfs filesystem. What's the deal with this? From quick Google searches, amongst all the misinformation I've found a bit of detail and that it belongs to the libc6 POSIX shared memory implementation. Is this a new implementation of the SysV IPC shmctl(2) et al, or is it something new?

Though it's not a major issue for me, I like to run a tight ship and what concerns me is that /dev/shm appears to be a world-writable filesystem and that it can be abused by putting files directly in it as such...
Code:
bash-3.1$ free
             total       used       free     shared    buffers     cached
Mem:       1555024     232968    1322056          0      15904     135476
-/+ buffers/cache:      81588    1473436
Swap:      2000084          0    2000084
bash-3.1$ dd if=/dev/zero bs=1024 of=/dev/shm/test
dd: writing `/dev/shm/test': No space left on device
776749+0 records in
776748+0 records out
795389952 bytes (795 MB) copied, 2.81356 s, 283 MB/s
bash-3.1$ free
             total       used       free     shared    buffers     cached
Mem:       1555024    1010640     544384          0      15920     912224
-/+ buffers/cache:      82496    1472528
Swap:      2000084          0    2000084
As you can see, this takes a huge chunk of my system RAM away and I would guess completely breaks anything that tries to use shared memory segments.

Now, I could reduce the max size of the tmpfs filesystem it sits on to mitigate risk, but I just don't like having this thing world-writable on principle. You can protect most resources with ulimit settings or filesystem quotas, but there don't seem to be any per-user or per-process settings in regard to shm that I can find, and even if they did exist, the world-writable directory would just allow an attacker to bypass them anyway.

Please, is there anyone out there that can explain to me what this new world-writable filesystem is all about and whether I can do anything to tighten this up, or is it just something I have to live with? SysV IPC Shared Memory seemed to work fine in the past without it.

UPDATE:

I've found a little more. Hidden in the kernel documentation for the tmpfs filesystem is this...

Quote:
2) glibc 2.2 and above expects tmpfs to be mounted at /dev/shm for
POSIX shared memory (shm_open, shm_unlink). Adding the following
line to /etc/fstab should take care of this:

tmpfs /dev/shm tmpfs defaults 0 0

Remember to create the directory that you intend to mount tmpfs on
if necessary.

This mount is _not_ needed for SYSV shared memory. The internal
mount is used for that. (In the 2.3 kernel versions it was
necessary to mount the predecessor of tmpfs (shm fs) to use SYSV
shared memory)
So, it's apparently not the SYSV shared memory, but some newfangled one. Does anyone know if I'm likely to meet any programs out there that require this new-style shared memory? If not, I think I'll turn it off for the time being and carry on using the SYSV-style calls.

Last edited by GazL; 06-12-2011 at 05:54 AM.
 
Old 05-28-2008, 09:09 AM   #2
Alien Bob
The proprietary ATI display drivers expect a tmpfs. So do QEMU's accelerator kernel module 'kqemu' and the JACK audio connection kit. Maybe more programs that I am not aware of.
None of those ship with Slackware by default so it should be safe to remove that line from fstab.

Eric
 
Old 05-28-2008, 09:39 AM   #3
GazL
Original Poster
Thanks Eric. I feel happier now I know it's something new rather than a reworking of the old SysV stuff.

Technically, I guess there's not much difference between the way this works and a malicious/errant program using up all of the SYSV shared memory pool, or even /tmp for that matter. I guess that with /dev/shm it's just easier to do it from the shell.

Anyway, I've decided to leave it in there but shrink the size a little, as the default is quite large, and to add noexec,nodev,nosuid to the fstab entry as below to make me feel a little better about it being world-writable.

tmpfs /dev/shm tmpfs size=256m,noexec,nodev,nosuid

Hopefully, this won't break anything.

Last edited by GazL; 06-12-2011 at 05:54 AM.
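
The fstab change in post #3 can be checked mechanically. The following is an added example, not part of any poster's message: a shell function that reads a mount table in fstab or /proc/mounts format and reports which of the options discussed above (noexec, nodev, nosuid, a size= cap) are missing for /dev/shm. The function name check_shm_mount and its output strings are assumptions of this example; the two sample lines are the fstab entries quoted in the thread.

```shell
#!/bin/sh
# Audit a mount table (fstab or /proc/mounts format, read from stdin) for the
# /dev/shm hardening discussed in the thread.
# Prints one of:  ok | not-mounted | missing:<opt>[,<opt>...]
check_shm_mount() {
    awk '
        $1 ~ /^#/ { next }                    # skip fstab comment lines
        $2 == "/dev/shm" && $3 == "tmpfs" {
            found = 1
            have_size = 0
            split("", have)                   # portable way to clear the array
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) {
                if (opts[i] ~ /^size=/) have_size = 1
                have[opts[i]] = 1
            }
            # No "next": if /dev/shm is listed twice, the last entry wins,
            # matching the order in which mounts stack.
        }
        END {
            if (!found) { print "not-mounted"; exit }
            miss = ""
            k = split("noexec nodev nosuid", want, " ")
            for (i = 1; i <= k; i++)
                if (!(want[i] in have))
                    miss = miss (miss ? "," : "") want[i]
            if (!have_size)
                miss = miss (miss ? "," : "") "size"
            print (miss == "" ? "ok" : "missing:" miss)
        }
    '
}

# Entry suggested by the kernel tmpfs documentation quoted in post #1.
printf '%s\n' 'tmpfs /dev/shm tmpfs defaults 0 0' | check_shm_mount

# Entry from post #3.
printf '%s\n' 'tmpfs /dev/shm tmpfs size=256m,noexec,nodev,nosuid' | check_shm_mount
```

On a running system, `check_shm_mount < /proc/mounts` audits the options actually in effect rather than what fstab requests.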
 
  

