[systemd-devel] [PATCH] [RFCv7] Optionally save core dumps as plain files
Lennart Poettering
lennart at poettering.net
Tue Jun 24 06:21:02 PDT 2014
On Mon, 23.06.14 14:29, Dave Reisner (d at falconindy.com) wrote:
> > Anyway, I hope this makes sense.
> >
> > With these changes coredumpctl actually is now really useful and just
> > works. I have thus dropped the "systemd-" prefix. We should probably
> > start advertising it more.
>
> Are there plans to limit the size of the directory in any way? As is,
> the default setup is prone to a simple DoS attack as a non-root user:
>
> while true; do bash -c 'kill -SEGV $$'; done
Currently clean-up is done via tmpfiles-based aging. But yeah, you are
right, we need something there that makes sure people cannot flood the
directory with stuff. I have added this to the TODO list. It should be
simple enough, we can take some inspiration from the journal vacuum
logic, however modify it slightly since we probably don't want to to
ratelimiting per-user/service, but I am not sure.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list