lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <45A2EADF.3030807@hitachi.com>
Date:	Tue, 09 Jan 2007 10:07:43 +0900
From:	"Kawai, Hidehiro" <hidehiro.kawai.ez@...achi.com>
To:	Pavel Machek <pavel@...e.cz>
Cc:	Andrew Morton <akpm@...l.org>, linux-kernel@...r.kernel.org,
	gregkh@...e.de, james.bottomley@...eleye.com,
	Satoshi OSHIMA <soshima@...hat.com>,
	"Hideo AOKI@...hat" <haoki@...hat.com>,
	sugita <yumiko.sugita.yf@...achi.com>,
	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
	Alan Cox <alan@...rguk.ukuu.org.uk>
Subject: Re: [PATCH] binfmt_elf: core dump masking support

Hi, Pavel

Pavel Machek wrote:

> > When a new process is created, the process inherits the coremask
> > setting from its parent. It is useful to set the coremask before
> > the program runs. For example:
> > 
> >   $ echo 1 > /proc/self/coremask
> >   $ ./some_program
>
> User can already ulimit -c 0 on himself, perhaps we want to use same
> interface here? ulimit -cmask=(bitmask)?

Are you saying that 1) it is good to change ulimit (shell programs)
so that shell programs will read/write /proc/self/coremask when
the -cmask option is given to ulimit?
Or, 2) it is good to change ulimit and get/setrlimit so that shell
programs will invoke get/setrlimit with new parameter?

If the changes are acceptable to bash or other shell community, I think
the first approach is nice.
But the second approach is problematic because the bitmask doesn't
conform to the usage of setrlimit.  You know, setrlimit controls amount
of resources the system can use by the soft limit and hard limit.
These limitations don't suit for the bitmask.


By the way, the /proc/<pid>/coremask method has an advantage over the
ulimit method.  It allows system administrator to change the bitmask of
any process anytime.
That's why I decided to use the /proc/<pid>/ interface.

Best regards,
--
Hidehiro Kawai
Hitachi, Ltd., Systems Development Laboratory


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ