We've received a security report report about syslog-ng, that uses mongo-c-driver to send log messages to mongodb. The problem is actually in mongo-c-driver, and could apply to all applications using mongo-c-driver, hence this report.

The shared memory block in /dev/shm/mongoc-${PID} is a predictable name, in a world writable directory without O_EXCL and O_NOFOLLOW, thus can be used to craft a symlink attack.

We created this workaround that passes --disable-shm-counters to the configure script:

https://github.com/balabit/syslog-ng/pull/1219

But that won't fix distributions (once mongo-c-driver is included there) and it would be a lot better to actually fix the problem so that mongoc-stats remains available after the fix.

Is this something that you can handle with priority? Because if it is, I'd not commit our workaround, but rather wait for the proper fix. If it is not, we would disable the shm based counters in our builds.