DragonFly bugs List (threaded) for 2008-02
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
Re: Coredumping design error
| From: | Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx> |
| Date: | Sat, 16 Feb 2008 10:01:22 -0800 (PST) |
:Hello Simon,
:
:In my opinion checking for ownership is better. We are avoiding other
:possible(?) bugs e.g. allowing to read files you don't own but resides
:on a directory you own. I also noticed that non-root users trying to
:coredump on other non-root users pre-created dumps fail silently.
:
:By the way as seen in my patch, we wouldn't want to hard code != 0
:because DragonFly may implement a type enforcement system or
:authorization framework.
:
:Up to you guys. I might be missing something.
:
:Cheers,
: Ed
Yes, I agree, we definitely do not want to remove the file. The reason
is that it is possible (and likely) that a service process that forks
may coredump multiple times, possibly even in parallel. Possibly
hundreds of times in parallel. This is one reason why the coredump
code gets an advisory lock on the file.
My only question re: this patch is whether it will work properly
with sysctl kern.sugid_coredump.
-Matt
- Follow-Ups:
- Re: [issue950] Coredumping design error
- From: "Eduardo Tongson" <propolice@gmail.com>
- Re: [issue950] Coredumping design error
- References:
- Coredumping design error
- From: "Eduardo Tongson" <propolice@gmail.com>
- Re: Coredumping design error
- From: "Simon 'corecode' Schubert" <corecode@fs.ei.tum.de>
- Re: Coredumping design error
- From: "Eduardo Tongson" <propolice@gmail.com>
- Coredumping design error
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]