DragonFly bugs List (threaded) for 2008-02
DragonFly BSD
DragonFly bugs List (threaded) for 2008-02
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Coredumping design error


From: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date: Sat, 16 Feb 2008 10:01:22 -0800 (PST)

:Hello Simon,
:
:In my opinion checking for ownership is better. We are avoiding other
:possible(?) bugs e.g. allowing to read files you don't own but resides
:on a directory you own. I also noticed that non-root users trying to
:coredump on other non-root users pre-created dumps fail silently.
:
:By the way as seen in my patch, we wouldn't want to hard code != 0
:because DragonFly may implement a type enforcement system or
:authorization framework.
:
:Up to you guys. I might be missing something.
:
:Cheers,
:   Ed

    Yes, I agree, we definitely do not want to remove the file.  The reason
    is that it is possible (and likely) that a service process that forks
    may coredump multiple times, possibly even in parallel.  Possibly
    hundreds of times in parallel.  This is one reason why the coredump
    code gets an advisory lock on the file.

    My only question re: this patch is whether it will work properly
    with sysctl kern.sugid_coredump.

						-Matt



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]