[systemd-devel] [PATCH] [RFCv7] Optionally save core dumps as plain files

Tollef Fog Heen tfheen at err.no
Tue May 21 23:22:57 PDT 2013


]] Oleksii Shevchuk 

> > > For security reasons. It will be better if user will not have access to
> > > own cores by default (situation is the same with journal backend in
> > > upstream now).
> 
> > Why?
> 
> When apps like gpg/lastpass/whatelse-with-passwords crashes, then user probably
> will not be very happy to have all that data accessible as is.

They should either be sgid some group and then setgid to the user's
group or just use prctl(PR_SET_DUMPABLE, 0).

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are


More information about the systemd-devel mailing list