Hi Pavel and Andrew, Pavel Machek wrote: >>This patch adds the documentation for the following parameters: >> /proc/<pid>/core_flags >> /proc/sys/kernel/core_flags_enable > > Sysctl seems really strange to me. Either the feature is safe to use, > or it is not. Users can already ulimit -c 0, and we do not have > "/proc/sys/kernel/allow_users_to_disable_their_core_dumps".
Oh, I had forgotten that. Thank you for pointing out. The purpose of this sysctl is to prevent a bad process from hiding its memory. But as you say, this sysctl isn't enough for the purpose. Andrew wrote: > Does this feature have any security implications? For example, there might > be system administration programs which force a coredump on a "bad" > process, and leave the core somewhere for the administrator to look at. I have never heard of the story that ulimit -c 0 bothered an administrator who wanted to force a coredump. So even without this sysctl, the administrator wouldn't bother about security concerns. I'll drop it from the next version. Thanks, -- Hidehiro Kawai Hitachi, Ltd., Systems Development Laboratory - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
