Control: tags -1 + security On Sat, 2019-03-16 at 11:08 +0100, Jakub Wilk wrote:
> The package description says that you can disable core dumping in > /etc/security/limits.d/corekeeper.conf, but this doesn't work on Linux, This feels like a DoS attack since the disk could fill up. > * The kernel (intentionally) doesn't enforce the RLIMIT_CORE when a core > dump handler is installed. Ugh. > * corekeeper doesn't enforce this limit on its own either. Should corekeeper use `ulimit -c` to retrieve the limit? Should corekeeper enforce the soft or hard limit? Is this an appropriate way to enforce the limit? su "$(getent passwd "$owner" | cut -d: -f1)" dd bs="$limit" count=1 of="/var/crash/$owner/$core" It does mean reading the core file into RAM before writing it but I cannot think of any other way to limit the size without writing to disk. -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
