I figured, but I wasn't sure it fit into a DDOS category so I flagged it just in case :)
On Sun, Nov 15, 2009 at 2:44 PM, Kees Cook <[email protected]> wrote:
> Thanks for taking the time to report this bug and helping to make Ubuntu
> better. We appreciate the difficulties you are facing, but this appears
> to be a "regular" (non-security) bug. I have unmarked it as a security
> issue since this bug does not show evidence of allowing attackers to
> cross privilege boundaries nor directly cause loss of data/privacy.
> Please feel free to report any other bugs you may find.
>
> ** This bug is no longer flagged as a security vulnerability
>
> --
> Php cron job fails when there are a lot of session files in /var/lib/php5
> https://bugs.launchpad.net/bugs/482720
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in “php5” package in Ubuntu: New
>
> Bug description:
> Binary package hint: php5
>
> r...@eris:/var/lib/php5# lsb_release -rd
> Description: Ubuntu 8.04.3 LTS
> Release: 8.04
> r...@eris:/var/lib/php5# apt-cache policy php5
> php5:
> Installed: 5.2.4-2ubuntu5.6
> Candidate: 5.2.4-2ubuntu5.7
> Version table:
> 5.2.4-2ubuntu5.7 0
> 500 http://de.archive.ubuntu.com hardy-updates/main Packages
> 500 http://security.ubuntu.com hardy-security/main Packages
> *** 5.2.4-2ubuntu5.6 0
> 100 /var/lib/dpkg/status
> 5.2.4-2ubuntu5 0
> 500 http://de.archive.ubuntu.com hardy/main Packages
> r...@eris:/var/lib/php5#
>
> -- Description:
>
> The cron job /etc/cron.d/php5 is meant to clear out /var/lib/php5 of old
> session files, which is fine generally... But:
>
> The cron job uses xargs with the -0 option - This is the effect on a
> cleanish and newly purged (30 seconds ago) directory:
>
> r...@eris:/var/lib/php5# find . -print | xargs -0
> .
> ./sess_3cf1404393d2ed9f2ca38c18fe74faba
> ./sess_f98b526208a668d407d4407a09006bd5
> ./sess_94a5a7dc98b985d170db93bb19c4dfd8
> ./sess_de29f9fbeb695de7df5fce6b69921ef0
> ./sess_29e1d26ecce86f3386595fe9ecff2b6a
> ./sess_a44fc67ea7aa7c39100e67cb1040199c
> ./sess_86849bfdedf6fd957ae873b455e936f6
> ./sess_a995ac4897a1db02e477384a8e3a1f05
> ./sess_e76aab3594fda5aa961be1e3d339bfed
> ./sess_090f28216167271d050078f31b41f6f1
> ./sess_92b65c8a5f82700dd9f6e6166ba98019
>
> r...@eris:/var/lib/php5#
>
> However - This is a very full directory such as the one that completely
> filled my disk yesterday:
>
> r...@eris:/var/lib/php5# find . -print | xargs -r -0
> xargs: argument line too long
> r...@eris:/var/lib/php5#
>
> This results in the disk with /var on it filling and the system becoming
> completely unusable - Which is why I ticked the security vulnerability since
> effectively, this is a DOS, you may feel free to disagree.
>
> So far my fix is one of:
>
> 1. Run the cron job more often so it doesn't fill the thing so much it
> can't be deleted (poor hack)
> 2. Remove the -0 option to xargs in /etc/cron.d/php5 - Since -0 is new to
> me and seems to have little documentation I am not sure what this will
> break.
> 3. Change the lifetime of the session files in /usr/lib/php5/maxlifetime
>
> Only 2 is a good solution but I am still wondering why they used -0 and if
> there is a valid reason for it.
>
> ** This could of course be a bug in xargs but it manifests in php5 and
> since I don't have a clue what -0 is meant to do, I am not going there...
>
> Michael.
>

--
"The King of Sweden it will not irk.
To hear that I neglect my work,
And tombfuls of historic dead,
Care not how late I lie abed."

--
Php cron job fails when there are a lot of session files in /var/lib/php5
https://bugs.launchpad.net/bugs/482720
You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber.
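The two pipelines quoted in the report, reproduced as an added example (not part of the original thread or of the php5 package): with `xargs -0` only NUL bytes separate arguments, so the newline-separated output of `find -print` arrives as a single argument, while `find -print0` yields one argument per file. It assumes GNU findutils; the file names and helper functions are constructed for illustration.

```shell
#!/bin/sh
# Added demo with constructed data; assumes GNU findutils xargs.

# Scratch directory holding five empty, constructed session-style files.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    for i in 1 2 3 4 5; do : > "$d/sess_constructed_$i"; done
    printf '%s\n' "$d"
}

# Read stdin with xargs -0; print one line per batch: the argument count.
xargs_count() {
    xargs -r -0 sh -c 'echo "$#"' sh
}

# $1 = directory, $2 = find action (-print or -print0).
find_args() {
    (cd "$1" && find . -type f "$2" | xargs_count)
}

# Emit $1 constructed 40-byte names, newline-terminated like find -print.
emit_names() {
    i=0
    while [ "$i" -lt "$1" ]; do
        printf './sess_%032d\n' "$i"
        i=$((i + 1))
    done
}

# About 200 kB with no NUL byte: xargs -0 sees one oversized argument and fails.
big_newline() {
    emit_names 5000 | xargs_count
}

# Same names NUL-terminated like find -print0: xargs batches them; sum the batches.
big_nul() {
    emit_names 5000 | tr '\n' '\0' | xargs_count | {
        total=0
        while read -r n; do total=$((total + n)); done
        echo "$total"
    }
}

d=$(make_demo_dir)
echo "-print  | xargs -0: $(find_args "$d" -print) argument(s) for 5 files"
echo "-print0 | xargs -0: $(find_args "$d" -print0) argument(s) for 5 files"
rm -rf "$d"
big_newline || echo "5000 newline-separated names: xargs exit status $?"
echo "5000 NUL-separated names: $(big_nul) arguments delivered"
```
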
