On mer., 2011-12-21 at 10:40 +0100, Yves-Alexis Perez wrote: > On mer., 2011-12-21 at 08:37 +0000, Stephen Gran wrote: > > This one time, at band camp, Tollef Fog Heen said: > > > > > > Hi, > > > > > > it seems like the security tracker now and then decides to leave crap in > > > /tmp on wagner. Could you please make it stop doing so? > > > > > > (I suspect it's you based on the contents, it's stuff like: > > > > > > CVE-2005-XXXX [Insecure temp files in note] > > > - note 1.3.1-3 (bug #337492; low) > > > CVE-2005-3500 [clamav: DoS in CAB parsing] > > > {DTSA-21-1} > > > - clamav 0.87.1-1 (medium) > > > CVE-2005-3501 [clamav: DoS in mspack parsing] > > > {DTSA-21-1} > > > - clamav 0.87.1-1 (medium) > > > CVE-2005-XXXX [Multiple security issues in Scorched 3D] > > > - scorched3d <unfixed> (bug filed; medium) > > > CVE-2005-3482 (Cisco 1200, 1131, and 1240 series Access Points, when > > > operating in ...) > > > NOT-FOR-US: Cisco hardware > > > CVE-2005-3481 (Cisco IOS 12.0 to 12.4 might allow remote attackers to > > > execute ...) > > > NOT-FOR-US: IOS > > > > Hi, > > > > It looks like it may not be you guys: > > > > root@wagner:/tmp# lsof | grep tempfile.8.tmp > > viewvc.cg 16055 www-data 4u REG 254,5 1224704 27 /tmp/tempfile.8.tmp > > > > so, we'll take a look at viewvc. However, the lack of response from > > anyone that I'm aware of makes me nervous - is anyone reading this? > > Should we kill the alioth project? > > > Yes, we read you, though I missed the initial mail (and would have > lacked information on why/how this happened). >
And according to various sources on the net, it looks indeed like some people try to hammer http://anonscm.debian.org/viewvc/secure-testing/data/CVE/list?view=log (maybe even googlebot) which is 6.5M. viewvc process seems to die and let its tempfiles in /tmp (I guess it might happen for other files too, but maybe there's not much files larger than that in alioth svn repositories?). Regards, -- Yves-Alexis
signature.asc
Description: This is a digitally signed message part