Subject: Re: The reason for securelevel (was: sysctl knob to let sugid processes dump core (pr 15994))
To: Travis H.
From: Garrett D'Amore
List: tech-security
Date: 01/29/2006 08:51:47

On Sunday 29 January 2006 12:18 am, Travis H. wrote:
> On 1/26/06, Steven M. Bellovin wrote:
> > In principle, this is a fine idea.  In practice, figuring out the right
> > set of bits is non-trivial.  It's not a direct analogy, but SGI has 48
> > different privileges that a process can have.
> I like the idea of having fine-grained controls.  That way, an expert
> can configure his or her system with exactly the abilities necessary,
> or they could code some userland "wizard" to ask you user-friendly
> questions and set/check it for you.
> Look at permissions on the file system, and mtree, for example.
> Honestly, I know core dumps are important for debugging, but from a
> sysadmin point of view they are quite frequently merely annoying
> garbage that accumulates in directories that shouldn't really be:
> a) writeable
> b) increasing in size
> c) increasing inode count
> anyway.  I've deleted in excess of 100 core files for every one that
> gets analyzed.

Add to this that dumping core over NFS is really hard on the network.
For this reason I have done this:

cd ~
mkdir core

The core files have all stopped.

> --
> "The generation of random numbers is too important to be left to chance."
>   -- Robert Coveyou -><-
> GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B

Garrett D'Amore, Principal Software Engineer
Tadpole Computer / Computing Technologies Division,
General Dynamics C4 Systems
Phone: 951 325-2134  Fax: 951 325-2191
