[Bug 482720] Re: Php cron job fails when there are a lot of session files in /var/lib/php5

Lorry lawrie at gmail.com
Sun Nov 15 19:11:41 GMT 2009


I figured, but I wasn't sure it fit into a DDOS category so I flagged it
just in case :)

On Sun, Nov 15, 2009 at 2:44 PM, Kees Cook <kees at ubuntu.com> wrote:

> Thanks for taking the time to report this bug and helping to make Ubuntu
> better. We appreciate the difficulties you are facing, but this appears
> to be a "regular" (non-security) bug.  I have unmarked it as a security
> issue since this bug does not show evidence of allowing attackers to
> cross privilege boundaries nor directly cause loss of data/privacy.
> Please feel free to report any other bugs you may find.
>
> ** This bug is no longer flagged as a security vulnerability
>
> --
> Php cron job fails when there are a lot of session files in /var/lib/php5
> https://bugs.launchpad.net/bugs/482720
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in “php5” package in Ubuntu: New
>
> Bug description:
> Binary package hint: php5
>
> root@eris:/var/lib/php5# lsb_release -rd
> Description:    Ubuntu 8.04.3 LTS
> Release:        8.04
> root@eris:/var/lib/php5# apt-cache policy php5
> php5:
>  Installed: 5.2.4-2ubuntu5.6
>  Candidate: 5.2.4-2ubuntu5.7
>  Version table:
>     5.2.4-2ubuntu5.7 0
>        500 http://de.archive.ubuntu.com hardy-updates/main Packages
>        500 http://security.ubuntu.com hardy-security/main Packages
>  *** 5.2.4-2ubuntu5.6 0
>        100 /var/lib/dpkg/status
>     5.2.4-2ubuntu5 0
>        500 http://de.archive.ubuntu.com hardy/main Packages
> root@eris:/var/lib/php5#
>
> -- Description:
>
> The cron job /etc/cron.d/php5 is meant to clear out /var/lib/php5 of old
> session files, which is fine generally... But:
>
> The cron job uses xargs with the -0 option - This is the effect on a
> cleanish and newly purged (30 seconds ago) directory:
>
> root@eris:/var/lib/php5# find . -print | xargs -0
> .
> ./sess_3cf1404393d2ed9f2ca38c18fe74faba
> ./sess_f98b526208a668d407d4407a09006bd5
> ./sess_94a5a7dc98b985d170db93bb19c4dfd8
> ./sess_de29f9fbeb695de7df5fce6b69921ef0
> ./sess_29e1d26ecce86f3386595fe9ecff2b6a
> ./sess_a44fc67ea7aa7c39100e67cb1040199c
> ./sess_86849bfdedf6fd957ae873b455e936f6
> ./sess_a995ac4897a1db02e477384a8e3a1f05
> ./sess_e76aab3594fda5aa961be1e3d339bfed
> ./sess_090f28216167271d050078f31b41f6f1
> ./sess_92b65c8a5f82700dd9f6e6166ba98019
>
> root@eris:/var/lib/php5#
>
> However - This is a very full directory such as the one that completely
> filled my disk yesterday:
>
> root@eris:/var/lib/php5# find . -print | xargs -r -0
> xargs: argument line too long
> root@eris:/var/lib/php5#
>
> This results in the disk with /var on it filling and the system becoming
> completely unusable - Which is why I ticked the security vulnerability since
> effectively, this is a DOS, you may feel free to disagree.
>
> So far my fix is one of:
>
> 1. Run the cron job more often so it doesn't fill the thing so much it
> can't be deleted (poor hack)
> 2. Remove the -0 option to xargs in /etc/cron.d/php5 - Since -0 is new to
> me and seems to have little documentation I am not sure what this will
> break.
> 3. Change the lifetime of the session files in /usr/lib/php5/maxlifetime
>
> Only 2 is a good solution but I am still wondering why they used -0 and if
> there is a valid reason for it.
>
> ** This could of course be a bug in xargs but it manifests in php5 and
> since I don't have a clue what -0 is meant to do, I am not going there...
>
> Michael.
>


-- 
"The King of Sweden it will not irk. To hear that I neglect my work,
And tombfuls of historic dead, Care not how late I lie abed."

-- 
Php cron job fails when there are a lot of session files in /var/lib/php5
https://bugs.launchpad.net/bugs/482720
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
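
The two `find . -print | xargs -0` transcripts quoted above, reproduced as an added example that is not part of the original message or of the php5 package: `xargs -0` splits its input only on NUL bytes, so newline-separated `find -print` output reaches it as a single argument, and a large enough listing exceeds the argument size limit. The temporary directory, file names and function names are constructed for the illustration.

```shell
#!/bin/sh
# Added example: how xargs -0 tokenises find output. All names are constructed.

make_sessions() {
    # Create $1 empty session-like files in a fresh temp dir and print its path.
    dir=$(mktemp -d)
    i=0
    while [ "$i" -lt "$1" ]; do
        : > "$dir/sess_$i"
        i=$((i + 1))
    done
    printf '%s\n' "$dir"
}

count_args_newline_input() {
    # find -print ends each name with a newline. xargs -0 splits on NUL only,
    # so the whole listing is handed to the command as ONE argument.
    find "$1" -type f -print | xargs -r -0 sh -c 'echo $#' sh
}

count_args_nul_input() {
    # find -print0 ends each name with NUL, which is what xargs -0 expects:
    # one argument per file, batched to fit the argument size limit.
    find "$1" -type f -print0 | xargs -r -0 sh -c 'echo $#' sh
}

big_newline_listing_accepted() {
    # 200000 constructed names, newline-separated: a single multi-megabyte
    # "argument" that xargs cannot pass on, so it exits non-zero.
    awk 'BEGIN { for (i = 0; i < 200000; i++) print "./sess_" i }' |
        xargs -r -0 echo >/dev/null 2>&1
}

d=$(make_sessions 5)
echo "newline input, args seen: $(count_args_newline_input "$d")"
echo "NUL input, args seen:     $(count_args_nul_input "$d")"
if big_newline_listing_accepted; then
    echo "large newline listing: accepted"
else
    echo "large newline listing: rejected by xargs"
fi
rm -rf "$d"
```
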


