Subject: Re: The reason for securelevel (was: sysctl knob to let sugid processes dump core (pr 15994))
To: Travis H. <email@example.com>
From: Garrett D'Amore <firstname.lastname@example.org>
Date: 01/29/2006 08:51:47
On Sunday 29 January 2006 12:18 am, Travis H. wrote:
> On 1/26/06, Steven M. Bellovin <email@example.com> wrote:
> > In principle, this is a fine idea. In practice, figuring out the right
> > set of bits is non-trivial. It's not a direct analogy, but SGI has 48
> > different privileges that a process can have.
> I like the idea of having fine-grained controls. That way, an expert
> can configure his or her system with exactly the abilities necessary,
> or they could code some userland "wizard" to ask you user-friendly
> questions and set/check it for you.
> Look at permissions on the file system, and mtree, for example.
> Honestly, I know core dumps are important for debugging, but from a
> sysadmin point of view they are quite frequently merely annoying
> garbage that accumulates in directories that shouldn't really be:
> a) writeable
> b) increasing in size
> c) increasing inode count
> anyway. I've deleted in excess of 100 core files for every one that
> gets analyzed.
Add to this that dumping core over NFS is really hard on the network.
For this reason I have done this:
The core files have all stopped.
> "The generation of random numbers is too important to be left to chance."
> -- Robert Coveyou -><- http://www.lightconsulting.com/~travis/
> GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
Garrett D'Amore, Principal Software Engineer
Tadpole Computer / Computing Technologies Division,
General Dynamics C4 Systems
Phone: 951 325-2134 Fax: 951 325-2191