[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/45393 (core dumps are unilaterally prevented by unmounted cwd or MNT_NOCOREDUMP even if corename will be valid)
The following reply was made to PR kern/45393; it has been noted by GNATS.
From: "Greg A. Woods" <woods%planix.com@localhost>
To: NetBSD GNATS <gnats-bugs%NetBSD.org@localhost>
NetBSD Kernel Bug People <kern-bug-people%netbsd.org@localhost>,
Subject: Re: kern/45393 (core dumps are unilaterally prevented by unmounted cwd
or MNT_NOCOREDUMP even if corename will be valid)
Date: Fri, 23 Sep 2011 17:18:11 -0700
Content-Type: text/plain; charset=US-ASCII
At Fri, 23 Sep 2011 09:01:06 +0000 (UTC), wiz%NetBSD.org@localhost wrote:
Subject: Re: kern/45393 (core dumps are unilaterally prevented by unmounted=
cwd or MNT_NOCOREDUMP even if corename will be valid)
> Ok to close?
What Christos committed isn't exactly what I had in mind... :-)
It is now strictly obeying MNT_NOCOREDUMP, but given the prevalence of
single-filesystem systems, I think what I suggested makes more sense,
i.e. only honour MNT_NOCOREDUMP if the pathname is relative, thus
allowing the administrator to set an absolute pathname for one or more
processes (or even sometimes all of them via kern.defcorename, though
that choice obviates the need for setting MNT_NOCOREDUMP in the first
place, except as a second line of defence from accidental core
pollution) to allow them to dump core in a given location, and also
allowing a user to get a core image from their own processes upon
specific request, but otherwise preventing processes from normally
dumping in any old CWD.
However, on second look I realize I have not yet fully explored all the
potential problems with ptrace(). I think it's safe the way I wrote it,
but I cannot yet prove it.
If so then I guess the question is whether MNT_NOCOREDUMP should reign
supreme, or whether there should be a way around it for special cases.
Personally I think that if I as the superuser set proc.blah.corename (or
kern.defcorename) to an absolute pathname then I want core dumps to
happen even if I'm silly enough to also have MNT_NOCOREDUMP set on the
filesystem for that location.
I think users should also be able to use ptrace() or proc.*.corename to
force a core dump to an absolute pathname (where they have sufficient
privilege) regardless of whether the admin has set things up to
generally prevent cores from dropping in random CWDs anywhere and
Indeed I think MNT_NOCOREDUMP is basically a throwback to before there
was a way to set an absolute pathname for core files and that it could
be at least reduced in importance in the way I suggest, if not
Perhaps this should be discussed with a wider audience?
Greg A. Woods
+1 250 762-7675 RoboHack
Planix, Inc. <woods%planix.com@localhost> Secrets of the Weird
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)
-----END PGP SIGNATURE-----
Main Index |
Thread Index |