[systemd-devel] [PATCH] [RFCv7] Optionally save core dumps as plain files
Lennart Poettering
lennart at poettering.net
Fri Jun 27 10:47:06 PDT 2014
On Tue, 24.06.14 15:21, Lennart Poettering (lennart at poettering.net) wrote:
> On Mon, 23.06.14 14:29, Dave Reisner (d at falconindy.com) wrote:
>
> > > Anyway, I hope this makes sense.
> > >
> > > With these changes coredumpctl actually is now really useful and just
> > > works. I have thus dropped the "systemd-" prefix. We should probably
> > > start advertising it more.
> >
> > Are there plans to limit the size of the directory in any way? As is,
> > the default setup is prone to a simple DoS attack as a non-root user:
> >
> > while true; do bash -c 'kill -SEGV $$'; done
>
> Currently clean-up is done via tmpfiles-based aging. But yeah, you are
> right, we need something there that makes sure people cannot flood the
> directory with stuff. I have added this to the TODO list. It should be
> simple enough, we can take some inspiration from the journal vacuum
> logic, however modify it slightly since we probably don't want to to
> ratelimiting per-user/service, but I am not sure.
This is implemented now.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list