Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: Garrett D'Amore <garrett_damore@tadpole.com>
From: Tim Rightnour <root@garbled.net>
List: tech-security
Date: 01/13/2006 23:55:35

On 14-Jan-2006 Garrett D'Amore wrote:
> The one thing that having the ownership be root doesn't do is limit
> the space. If necessary, creating a new administrative user ("core"?)
> could be used (tunable via sysctl), but I'd argue that we can solve that
> problem later.

If we provide a set of defaults.. I'd prefer it was root:/var/crash or maybe
/var/core and have /var/core entered in mtree. If you set the dir to NULL or
somesuch perhaps it would default to standard coredump behavior of dropping in
the pwd.

That being said.. I would prefer we allowed it to be tunable. We provide the
rope and all that stuff. I would like to be able to say that all such
coredumps might be owned by the user "garbled" if I feel like it.

We could always add a setgidcoreas_euid switch later or something too..
Reasonable defaults is all that really matters though.
---
Tim Rightnour <root@garbled.net>
NetBSD: Free multi-architecture OS http://www.netbsd.org/
Genecys: Open Source 3D MMORPG: http://www.genecys.org/