On 12/01/2016 10:08 PM, Per Jessen wrote:
Ruediger Meier wrote:
On Thursday 01 December 2016, Carlos E. R. wrote:
On 2016-12-01 15:26, jdd wrote:
Le 01/12/2016 à 15:22, Carlos E. R. a écrit :
I have no idea if/how that is possible. a coredump may hold sensitive infos. Mr Root always can read your core dumps and your memory.
I was dumbly thinking a developer uses his own computer :-( Well... I can imagine scenarios. If you are a student and use a school/college computer, administered by the lab chief, you have to call him to get access to your own cores. On my systems the user has read access (ACL) to it's coredump. So this is no problem.
More bad it is that the user can't delete it's own coredump and also not disable it by ulimit. And the user can exceed his disk quota by producing coredumps. With the default setup in Leap422, afaict user coredumps are disabled by default, and I don't see how the user can exceed his quota when systemd is handling it.
For me systemd coredumps were enabled by default and work as user. So my users are able to fill the hardisk with cordumps. The user's quota is ignored because systemd core dumps are owned by root. That's wrong IMO. Also systemd-coredump should respect the ulimit -c settings (That's what the %c argument would be used for). So if you have a 50G process crashing then this core dumper would probably write the whole 50G to disk. I guess the machine would slow down for hours because by default it even uses xz compression. cu, Rudi -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org