<div dir="ltr">Good morning;<div> A question can someone help me with this issue: the file /proc/kcore has a size of 140G. How can I fix it, I must restart the server or is there another way to solve it?</div><div>kernel-uek-2.6.39-400.211.1.el6uek </div><div> </div><div>evidence sections: 1.- the size of the kcore file </div><div> </div><div>140737486266368 /proc/kcore</div><div> </div><div>2.- Size execution </div><div> </div><div>[root@srv-ccs-sirweb-db2 mnt]# lsof |grep deleted </div><div>NetworkMa 2905 root 15u REG 252,0 0 6686333 /var/lib/NetworkManager/timestamps.JCOXQ0 (deleted) NetworkMa 2905 root 16u REG 252,0 0 6689023 /var/run/nm-dhclient-em4.conf.FODXQ0 (deleted) NetworkMa 2905 root 17u REG 252,0 0 6689026 /var/lib/NetworkManager/timestamps.DJVWQ0 (deleted) NetworkMa 2905 root 18u REG 252,0 0 6689025 /var/run/nm-dhclient-em4.conf.QTKWQ0 (deleted) NetworkMa 2905 root 19u REG 252,0 0 6689028 /var/run/nm-dhclient-em4.conf.7NPWQ0 (deleted) NetworkMa 2905 root 20u REG 252,0 0 6689029 /var/run/nm-dhclient-em4.conf.C8JWQ0 (deleted) NetworkMa 2905 root 21u REG 252,0 0 6689030 /var/lib/NetworkManager/timestamps.P1GTQ0 (deleted) NetworkMa 2905 root 22u REG 252,0 0 6689031 /var/run/nm-dhclient-em4.conf.MMRTQ0 (deleted) NetworkMa 2905 root 23u REG 252,0 0 6689032 /var/run/nm-dhclient-em4.conf.M3NWQ0 (deleted) NetworkMa 2905 root 24u REG 252,0 0 6689033 /var/run/nm-dhclient-em4.conf.VPJWQ0 (deleted) NetworkMa 2905 root 25u REG 252,0 0 6689034 /var/run/nm-dhclient-em4.conf.0KMWQ0 (deleted) NetworkMa 2905 root 26u REG 252,0 0 6689060 /var/lib/NetworkManager/timestamps.BDTWQ0 (deleted) NetworkMa 2905 root 27u REG 252,0 0 6689059 /var/lib/NetworkManager/timestamps.LQCYQ0 (deleted) NetworkMa 2905 root 28u REG 252,0 0 6689061 /var/run/nm-dhclient-em4.conf.YI7WQ0 (deleted) NetworkMa 2905 root 29u REG 252,0 0 6689063 /var/run/nm-dhclient-em4.conf.VRNWQ0 (deleted) NetworkMa 2905 root 30u REG 252,0 0 6689064 /var/run/nm-dhclient-em4.conf.IBKWQ0 (deleted) NetworkMa 2905 root 31u REG 252,0 0 6689065 /var/run/nm-dhclient-em4.conf.HIMWQ0 (deleted) NetworkMa 2905 root 32u REG 252,0 0 6689066 /var/lib/NetworkManager/timestamps.HV0XQ0 (deleted) NetworkMa 2905 root 33u REG 252,0 0 6689067 /var/run/nm-dhclient-em4.conf.QL7WQ0 (deleted) NetworkMa 2905 root 34u REG 252,0 0 6689068 /var/run/nm-dhclient-em4.conf.75JWQ0 (deleted) NetworkMa 2905 root 35u REG 252,0 0 6689071 /var/lib/NetworkManager/timestamps.L30WQ0 (deleted) NetworkMa 2905 root 36u REG 252,0 0 6689070 /var/run/nm-dhclient-em4.conf.FZKWQ0 (deleted) NetworkMa 2905 root 37u REG 252,0 0 6689072 /var/run/nm-dhclient-em4.conf.XIMWQ0 (deleted) NetworkMa 2905 root 38u REG 252,0 0 6689092 /var/lib/NetworkManager/timestamps.U66WQ0 (deleted) NetworkMa 2905 root 39u REG 252,0 0 6689095 /var/run/nm-dhclient-em4.conf.0KAXQ0 (deleted) NetworkMa 2905 root 40u REG 252,0 0 6689096 /var/run/nm-dhclient-em4.conf.MGLWQ0 (deleted) NetworkMa 2905 root 41u REG 252,0 0 6689097 /var/run/nm-dhclient-em4.conf.1LMWQ0 (deleted) NetworkMa 2905 root 42u REG 252,0 0 6689100 /var/run/nm-dhclient-em4.conf.5AMWQ0 (deleted) NetworkMa 2905 root 43u REG 252,0 0 6689102 /var/lib/NetworkManager/timestamps.315VQ0 (deleted) NetworkMa 2905 root 44u REG 252,0 0 6689101 /var/lib/NetworkManager/timestamps.U5XWQ0 (deleted) NetworkMa 2905 root 45u REG 252,0 0 6689103 /var/run/nm-dhclient-em4.conf.2FLWQ0 (deleted) NetworkMa 2905 root 46u REG 252,0 0 6689104 /var/run/nm-dhclient-em4.conf.XPKWQ0 (deleted) NetworkMa 2905 root 47u REG 252,0 0 6689105 /var/run/nm-dhclient-em4.conf.47KWQ0 (deleted) NetworkMa 2905 root 48u REG 252,0 0 6689106 /var/run/nm-dhclient-em4.conf.WOTWQ0 (deleted) NetworkMa 2905 root 49u REG 252,0 0 6689107 /var/lib/NetworkManager/timestamps.6BZVQ0 (deleted) NetworkMa 2905 root 50u REG 252,0 0 6689108 /var/run/nm-dhclient-em4.conf.AOJXQ0 (deleted) NetworkMa 2905 root 51u REG 252,0 0 6689109 /var/run/nm-dhclient-em4.conf.96TWQ0 (deleted) NetworkMa 2905 root 52u REG 252,0 0 6689110 /var/run/nm-dhclient-em4.conf.4CTWQ0 (deleted) NetworkMa 2905 root 53u REG 252,0 0 6689162 /var/lib/NetworkManager/timestamps.ZLNWQ0 (deleted) NetworkMa 2905 root 54u REG 252,0 0 6689136 /var/run/nm-dhclient-em4.conf.0LUWQ0 (deleted) NetworkMa 2905 root 55u REG 252,0 0 6689163 /var/lib/NetworkManager/timestamps.ZSUXQ0 (deleted) NetworkMa 2905 root 56u REG 252,0 0 6689164 /var/run/nm-dhclient-em4.conf.2O5TQ0 (deleted) NetworkMa 2905 root 57u REG 252,0 0 6689165 /var/run/nm-dhclient-em4.conf.EKTWQ0 (deleted) NetworkMa 2905 root 58u REG 252,0 0 6689166 /var/run/nm-dhclient-em4.conf.JCTWQ0 (deleted) NetworkMa 2905 root 59u REG 252,0 0 6689167 /var/run/nm-dhclient-em4.conf.VHUWQ0 (deleted) NetworkMa 2905 root 60u REG 252,0 0 6689181 /var/lib/NetworkManager/timestamps.96NWQ0 (deleted) NetworkMa 2905 root 61u REG 252,0 0 6689183 /var/run/nm-dhclient-em4.conf.N4CYQ0 (deleted) NetworkMa 2905 root 62u REG 252,0 0 6689186 /var/lib/NetworkManager/timestamps.6DIYQ0 (deleted) NetworkMa 2905 root 63u REG 252,0 0 6689184 /var/run/nm-dhclient-em4.conf.59TWQ0 (deleted) NetworkMa 2905 root 64u REG 252,0 0 6689187 /var/run/nm-dhclient-em4.conf.1LTWQ0 (deleted) NetworkMa 2905 root 65u REG 252,0 0 6689188 /var/run/nm-dhclient-em4.conf.6XRWQ0 (deleted) NetworkMa 2905 root 66u REG 252,0 0 6689190 /var/lib/NetworkManager/timestamps.TSIYQ0 (deleted) NetworkMa 2905 root 67u REG 252,0 0 6689192 /var/run/nm-dhclient-em4.conf.VV5WQ0 (deleted) NetworkMa 2905 root 68u REG 252,0 0 6689193 /var/run/nm-dhclient-em4.conf.P3VWQ0 (deleted) NetworkMa 2905 root 69u REG 252,0 0 6689195 /var/run/nm-dhclient-em4.conf.82VWQ0 (deleted) NetworkMa 2905 root 70u REG 252,0 0 6689196 /var/lib/NetworkManager/timestamps.5GQWQ0 (deleted) NetworkMa 2905 root 71u REG 252,0 0 6689197 /var/run/nm-dhclient-em4.conf.OIUWQ0 (deleted) NetworkMa 2905 root 72u REG 252,0 0 6689199 /var/lib/NetworkManager/timestamps.OHFXQ0 (deleted) NetworkMa 2905 root 73u REG 252,0 0 6689200 /var/run/nm-dhclient-em4.conf.7LFWQ0 (deleted) NetworkMa 2905 root 74u REG 252,0 0 6689201 /var/run/nm-dhclient-em4.conf.Q2UWQ0 (deleted) NetworkMa 2905 root 75u REG 252,0 0 6689202 /var/run/nm-dhclient-em4.conf.9FTWQ0 (deleted) NetworkMa 2905 root 76u REG 252,0 0 6689203 /var/run/nm-dhclient-em4.conf.USVWQ0 (deleted) NetworkMa 2905 root 77u REG 252,0 0 6689206 /var/lib/NetworkManager/timestamps.Q1YVQ0 (deleted) NetworkMa 2905 root 78u REG 252,0 0 6689207 /var/run/nm-dhclient-em4.conf.TLMWQ0 (deleted) NetworkMa 2905 root 79u REG 252,0 0 6689208 /var/run/nm-dhclient-em4.conf.NXUWQ0 (deleted) NetworkMa 2905 root 80u REG 252,0 0 6689211 /var/lib/NetworkManager/timestamps.FW4WQ0 (deleted) NetworkMa 2905 root 81u REG 252,0 0 6689210 /var/run/nm-dhclient-em4.conf.K5VWQ0 (deleted) NetworkMa 2905 root 82u REG 252,0 0 6689212 /var/run/nm-dhclient-em4.conf.POTWQ0 (deleted) NetworkMa 2905 root 83u REG 252,0 0 6689213 /var/lib/NetworkManager/timestamps.OG6WQ0 (deleted) NetworkMa 2905 root 84u REG 252,0 0 6689214 /var/run/nm-dhclient-em4.conf.YPJXQ0 (deleted) NetworkMa 2905 root 85u REG 252,0 0 6689215 /var/run/nm-dhclient-em4.conf.WUVWQ0 (deleted) NetworkMa 2905 root 86u REG 252,0 0 6689216 /var/run/nm-dhclient-em4.conf.Q2UWQ0 (deleted) NetworkMa 2905 root 87u REG 252,0 0 6689217 /var/run/nm-dhclient-em4.conf.P0UWQ0 (deleted) NetworkMa 2905 root 88u REG 252,0 0 6689219 /var/lib/NetworkManager/timestamps.42QWQ0 (deleted) NetworkMa 2905 root 89u REG 252,0 0 6689218 /var/lib/NetworkManager/timestamps.XHXVQ0 (deleted) NetworkMa 2905 root 90u REG 252,0 0 6689220 /var/run/nm-dhclient-em4.conf.343WQ0 (deleted) NetworkMa 2905 root 91u REG 252,0 0 6689221 /var/run/nm-dhclient-em4.conf.MRQWQ0 (deleted) NetworkMa 2905 root 92u REG 252,0 0 6689222 /var/run/nm-dhclient-em4.conf.XIQWQ0 (deleted) NetworkMa 2905 root 93u REG 252,0 0 6689223 /var/run/nm-dhclient-em4.conf.LTVWQ0 (deleted) NetworkMa 2905 root 94u REG 252,0 0 6689224 /var/lib/NetworkManager/timestamps.UV3VQ0 (deleted) NetworkMa 2905 root 95u REG 252,0 0 6689225 /var/run/nm-dhclient-em4.conf.N1BVQ0 (deleted) NetworkMa 2905 root 96u REG 252,0 0 6689227 /var/run/nm-dhclient-em4.conf.ZCSWQ0 (deleted) NetworkMa 2905 root 97u REG 252,0 0 6689228 /var/run/nm-dhclient-em4.conf.UHQWQ0 (deleted) NetworkMa 2905 root 98u REG 252,0 0 6689230 /var/lib/NetworkManager/timestamps.RU0XQ0 (deleted) NetworkMa 2905 root 99u REG 252,0 0 6689229 /var/run/nm-dhclient-em4.conf.KOQWQ0 (deleted) NetworkMa 2905 root 100u REG 252,0 0 6689231 /var/lib/NetworkManager/timestamps.OFJXQ0 (deleted) NetworkMa 2905 root 101u REG 252,0 0 6689233 /var/run/nm-dhclient-em4.conf.HPCYQ0 (deleted) NetworkMa 2905 root 102u REG 252,0 0 6689235 /var/run/nm-dhclient-em4.conf.YK0XQ0 (deleted) NetworkMa 2905 root 103u REG 252,0 0 6689236 /var/run/nm-dhclient-em4.conf.WERWQ0 (deleted) NetworkMa 2905 root 104u REG 252,0 0 6689237 /var/run/nm-dhclient-em4.conf.W0QWQ0 (deleted) NetworkMa 2905 root 105u REG 252,0 0 6689238 /var/lib/NetworkManager/timestamps.W9IYQ0 (deleted) NetworkMa 2905 root 106u REG 252,0 0 6689239 /var/run/nm-dhclient-em4.conf.BVKYQ0 (deleted) NetworkMa 2905 root 107u REG 252,0 0 6689241 /var/lib/NetworkManager/timestamps.HC7WQ0 (deleted) NetworkMa 2905 root 108u REG 252,0 0 6689240 /var/run/nm-dhclient-em4.conf.21QWQ0 (deleted) NetworkMa 2905 root 109u REG 252,0 0 6689242 /var/run/nm-dhclient-em4.conf.GIQWQ0 (deleted) NetworkMa 2905 root 110u REG 252,0 0 6689243 /var/run/nm-dhclient-em4.conf.V8PWQ0 (deleted) NetworkMa 2905 root 111u REG 252,0 0 6689244 /var/lib/NetworkManager/timestamps.RPXWQ0 (deleted) NetworkMa 2905 root 112u REG 252,0 0 6689245 /var/run/nm-dhclient-em4.conf.CGGXQ0 (deleted) NetworkMa 2905 root 113u REG 252,0 0 6689246 /var/run/nm-dhclient-em4.conf.9GQWQ0 (deleted) NetworkMa 2905 root 114u REG 252,0 0 6689247 /var/run/nm-dhclient-em4.conf.Q9QWQ0 (deleted) NetworkMa 2905 root 115u REG 252,0 0 6689249 /var/lib/NetworkManager/timestamps.DQ6VQ0 (deleted) NetworkMa 2905 root 116u REG 252,0 0 6689248 /var/run/nm-dhclient-em4.conf.CWUWQ0 (deleted) NetworkMa 2905 root 117u REG 252,0 0 6689250 /var/lib/NetworkManager/timestamps.TFTWQ0 (deleted) NetworkMa 2905 root 118u REG 252,0 0 6689251 /var/run/nm-dhclient-em4.conf.PR9VQ0 (deleted) NetworkMa 2905 root 119u REG 252,0 0 6689252 /var/run/nm-dhclient-em4.conf.KPSWQ0 (deleted) NetworkMa 2905 root 120u REG 252,0 0 6689253 /var/run/nm-dhclient-em4.conf.C2SWQ0 (deleted) NetworkMa 2905 root 121u REG 252,0 0 6689254 /var/run/nm-dhclient-em4.conf.JHSWQ0 (deleted) NetworkMa 2905 root 122u REG 252,0 0 6689255 /var/lib/NetworkManager/timestamps.37IWQ0 (deleted) NetworkMa 2905 root 123u REG 252,0 0 6689256 /var/run/nm-dhclient-em4.conf.M5VVQ0 (deleted) NetworkMa 2905 root 124u REG 252,0 0 6689258 /var/run/nm-dhclient-em4.conf.GCTWQ0 (deleted) NetworkMa 2905 root 125u REG 252,0 0 6689260 /var/lib/NetworkManager/timestamps.5WUWQ0 (deleted) NetworkMa 2905 root 126u REG 252,0 0 6689259 /var/run/nm-dhclient-em4.conf.EOQWQ0 (deleted) NetworkMa 2905 root 127u REG 252,0 0 6689262 /var/run/nm-dhclient-em4.conf.8KRWQ0 (deleted) NetworkMa 2905 root 128u REG 252,0 0 6689265 /var/lib/NetworkManager/timestamps.KK4WQ0 (deleted) NetworkMa 2905 root 129u REG 252,0 0 6689266 /var/run/nm-dhclient-em4.conf.AY6XQ0 (deleted) NetworkMa 2905 root 130u REG 252,0 0 6689267 /var/run/nm-dhclient-em4.conf.EZRWQ0 (deleted) NetworkMa 2905 root 131u REG 252,0 0 6689269 /var/run/nm-dhclient-em4.conf.LDSWQ0 (deleted) NetworkMa 2905 root 132u REG 252,0 0 6689271 /var/run/nm-dhclient-em4.conf.HKRWQ0 (deleted) NetworkMa 2905 root 133u REG 252,0 0 6689273 /var/lib/NetworkManager/timestamps.1B7WQ0 (deleted) NetworkMa 2905 root 134u REG 252,0 0 6689272 /var/lib/NetworkManager/timestamps.DK0VQ0 (deleted) NetworkMa 2905 root 135u REG 252,0 0 6689274 /var/run/nm-dhclient-em4.conf.HVYWQ0 (deleted) NetworkMa 2905 root 136u REG 252,0 0 6689275 /var/run/nm-dhclient-em4.conf.YM6WQ0 (deleted) NetworkMa 2905 root 137u REG 252,0 0 6689276 /var/run/nm-dhclient-em4.conf.1HRWQ0 (deleted) NetworkMa 2905 root 138u REG 252,0 0 6689277 /var/run/nm-dhclient-em4.conf.5GRWQ0 (deleted) NetworkMa 2905 root 139u REG 252,0 0 6689278 /var/lib/NetworkManager/timestamps.DB7TQ0 (deleted) NetworkMa 2905 root 140u REG 252,0 0 6689280 /var/run/nm-dhclient-em4.conf.8GIXQ0 (deleted) NetworkMa 2905 root 141u REG 252,0 0 6689281 /var/run/nm-dhclient-em4.conf.CF0WQ0 (deleted) NetworkMa 2905 root 142u REG 252,0 0 6689285 /var/lib/NetworkManager/timestamps.KCVWQ0 (deleted) NetworkMa 2905 root 143u REG 252,0 0 6689282 /var/run/nm-dhclient-em4.conf.J9ZWQ0 (deleted) NetworkMa 2905 root 144u REG 252,0 0 6689286 /var/run/nm-dhclient-em4.conf.IC0WQ0 (deleted) NetworkMa 2905 root 145u REG 252,0 0 6689287 /var/lib/NetworkManager/timestamps.R61SQ0 (deleted) NetworkMa 2905 root 146u REG 252,0 0 6689288 /var/run/nm-dhclient-em4.conf.UOMTQ0 (deleted) NetworkMa 2905 root 147u REG 252,0 0 6689289 /var/run/nm-dhclient-em4.conf.BX0WQ0 (deleted) NetworkMa 2905 root 148u REG 252,0 0 6689290 /var/run/nm-dhclient-em4.conf.RG1WQ0 (deleted) NetworkMa 2905 root 149u REG 252,0 0 6689291 /var/run/nm-dhclient-em4.conf.65ZWQ0 (deleted) NetworkMa 2905 root 150u REG 252,0 0 6689292 /var/lib/NetworkManager/timestamps.XS0WQ0 (deleted) NetworkMa 2905 root 151u REG 252,0 0 6689293 /var/run/nm-dhclient-em4.conf.1MOXQ0 (deleted) NetworkMa 2905 root 152u REG 252,0 0 6689295 /var/lib/NetworkManager/timestamps.371WQ0 (deleted) NetworkMa 2905 root 153u REG 252,0 0 6689294 /var/run/nm-dhclient-em4.conf.BYYWQ0 (deleted) NetworkMa 2905 root 154u REG 252,0 0 6689296 /var/run/nm-dhclient-em4.conf.LM0WQ0 (deleted) NetworkMa 2905 root 155u REG 252,0 0 6689297 /var/run/nm-dhclient-em4.conf.VOZWQ0 (deleted) NetworkMa 2905 root 156u REG 252,0 0 6689298 /var/lib/NetworkManager/timestamps.XCOXQ0 (deleted) NetworkMa 2905 root 157u REG 252,0 0 6689299 /var/run/nm-dhclient-em4.conf.PQ9XQ0 (deleted) NetworkMa 2905 root 158u REG 252,0 0 6689300 /var/run/nm-dhclient-em4.conf.LN0WQ0 (deleted) NetworkMa 2905 root 159u REG 252,0 0 6689301 /var/run/nm-dhclient-em4.conf.IIYWQ0 (deleted) NetworkMa 2905 root 160u REG 252,0 0 6689303 /var/lib/NetworkManager/timestamps.LRPWQ0 (deleted) NetworkMa 2905 root 161u REG 252,0 0 6689302 /var/run/nm-dhclient-em4.conf.KX0WQ0 (deleted) NetworkMa 2905 root 162u REG 252,0 0 6689304 /var/lib/NetworkManager/timestamps.GPQWQ0 (deleted) NetworkMa 2905 root 163u REG 252,0 0 6689306 /var/run/nm-dhclient-em4.conf.DZ5VQ0 (deleted) NetworkMa 2905 root 164u REG 252,0 0 6689308 /var/run/nm-dhclient-em4.conf.Z3ZWQ0 (deleted) NetworkMa 2905 root 165u REG 252,0 0 6689309 /var/run/nm-dhclient-em4.conf.W7XWQ0 (deleted) NetworkMa 2905 root 166u REG 252,0 0 6689310 /var/run/nm-dhclient-em4.conf.F51WQ0 (deleted) NetworkMa 2905 root 167u REG 252,0 0 6689311 /var/lib/NetworkManager/timestamps.SMXWQ0 (deleted) NetworkMa 2905 root 168u REG 252,0 0 6689313 /var/run/nm-dhclient-em4.conf.HPQXQ0 (deleted) NetworkMa 2905 root 169u REG 252,0 0 6689318 /var/lib/NetworkManager/timestamps.ODPWQ0 (deleted) NetworkMa 2905 root 170u REG 252,0 0 6689316 /var/run/nm-dhclient-em4.conf.ROZWQ0 (deleted) NetworkMa 2905 root 171u REG 252,0 0 6689320 /var/run/nm-dhclient-em4.conf.MHXWQ0 (deleted) NetworkMa 2905 root 172u REG 252,0 0 6689321 /var/run/nm-dhclient-em4.conf.IX1WQ0 (deleted) NetworkMa 2905 root 173u REG 252,0 0 6689322 /var/lib/NetworkManager/timestamps.8PFWQ0 (deleted) NetworkMa 2905 root 174u REG 252,0 0 6689325 /var/run/nm-dhclient-em4.conf.JDQXQ0 (deleted) NetworkMa 2905 root 175u REG 252,0 0 6689326 /var/run/nm-dhclient-em4.conf.WE1WQ0 (deleted) NetworkMa 2905 root 176u REG 252,0 0 6689327 /var/run/nm-dhclient-em4.conf.6F2WQ0 (deleted) NetworkMa 2905 root 177u REG 252,0 0 6689328 /var/run/nm-dhclient-em4.conf.OA1WQ0 (deleted) NetworkMa 2905 root 178u REG 252,0 0 6689330 /var/lib/NetworkManager/timestamps.TYXWQ0 (deleted) NetworkMa 2905 root 179u REG 252,0 0 6689329 /var/lib/NetworkManager/timestamps.71KTQ0 (deleted) NetworkMa 2905 root 180u REG 252,0 0 6689331 /var/run/nm-dhclient-em4.conf.XXFXQ0 (deleted) NetworkMa 2905 root 181u REG 252,0 0 6689332 /var/run/nm-dhclient-em4.conf.M71WQ0 (deleted) NetworkMa 2905 root 182u REG 252,0 0 6689333 /var/run/nm-dhclient-em4.conf.AY1WQ0 (deleted) NetworkMa 2905 root 183u REG 252,0 0 6689334 /var/run/nm-dhclient-em4.conf.TV0WQ0 (deleted) NetworkMa 2905 root 184u REG 252,0 0 6689335 /var/lib/NetworkManager/timestamps.FBBYQ0 (deleted) NetworkMa 2905 root 185u REG 252,0 0 6689336 /var/run/nm-dhclient-em4.conf.Z9ZXQ0 (deleted) NetworkMa 2905 root 186u REG 252,0 0 6689337 /var/run/nm-dhclient-em4.conf.510WQ0 (deleted) NetworkMa 2905 root 187u REG 252,0 0 6689339 /var/lib/NetworkManager/timestamps.UJKWQ0 (deleted) NetworkMa 2905 root 188u REG 252,0 0 6689338 /var/run/nm-dhclient-em4.conf.NA2WQ0 (deleted) NetworkMa 2905 root 189u REG 252,0 0 6689340 /var/run/nm-dhclient-em4.conf.RCWWQ0 (deleted) NetworkMa 2905 root 190u REG 252,0 0 6689341 /var/lib/NetworkManager/timestamps.W11WQ0 (deleted) NetworkMa 2905 root 191u REG 252,0 0 6689342 /var/run/nm-dhclient-em4.conf.L5QXQ0 (deleted) NetworkMa 2905 root 192u REG 252,0 0 6689343 /var/run/nm-dhclient-em4.conf.OL2WQ0 (deleted) NetworkMa 2905 root 193u REG 252,0 0 6689344 /var/run/nm-dhclient-em4.conf.ROWWQ0 (deleted) NetworkMa 2905 root 194u REG 252,0 0 6689345 /var/run/nm-dhclient-em4.conf.0VWWQ0 (deleted) NetworkMa 2905 root 195u REG 252,0 0 6689347 /var/lib/NetworkManager/timestamps.9VGWQ0 (deleted) NetworkMa 2905 root 196u REG 252,0 0 6689346 /var/lib/NetworkManager/timestamps.XQ3XQ0 (deleted) NetworkMa 2905 root 197u REG 252,0 0 6689348 /var/run/nm-dhclient-em4.conf.RPYWQ0 (deleted) NetworkMa 2905 root 198u REG 252,0 0 6689349 /var/run/nm-dhclient-em4.conf.VIYWQ0 (deleted) NetworkMa 2905 root 199u REG 252,0 0 6689350 /var/run/nm-dhclient-em4.conf.QY1WQ0 (deleted) NetworkMa 2905 root 200u REG 252,0 0 6689351 /var/run/nm-dhclient-em4.conf.F6YWQ0 (deleted) NetworkMa 2905 root 201u REG 252,0 0 6689352 /var/lib/NetworkManager/timestamps.3MRXQ0 (deleted) NetworkMa 2905 root 202u REG 252,0 0 6689353 /var/run/nm-dhclient-em4.conf.Y0LXQ0 (deleted) NetworkMa 2905 root 203u REG 252,0 0 6689354 /var/run/nm-dhclient-em4.conf.XDWWQ0 (deleted) NetworkMa 2905 root 204u REG 252,0 0 6689355 /var/run/nm-dhclient-em4.conf.ONXWQ0 (deleted) NetworkMa 2905 root 205u REG 252,0 0 6689357 /var/lib/NetworkManager/timestamps.287WQ0 (deleted) NetworkMa 2905 root 206u REG 252,0 0 6689356 /var/run/nm-dhclient-em4.conf.EMXWQ0 (deleted) NetworkMa 2905 root 207u REG 252,0 0 6689358 /var/lib/NetworkManager/timestamps.MSJWQ0 (deleted) NetworkMa 2905 root 208u REG 252,0 0 6689359 /var/run/nm-dhclient-em4.conf.9PZXQ0 (deleted) NetworkMa 2905 root 209u REG 252,0 0 6689360 /var/run/nm-dhclient-em4.conf.0KYWQ0 (deleted) NetworkMa 2905 root 210u REG 252,0 0 6689361 /var/run/nm-dhclient-em4.conf.Y21WQ0 (deleted) NetworkMa 2905 root 211u REG 252,0 0 6689362 /var/run/nm-dhclient-em4.conf.QVXWQ0 (deleted) NetworkMa 2905 root 212u REG 252,0 0 6689363 /var/lib/NetworkManager/timestamps.CX8WQ0 (deleted) NetworkMa 2905 root 213u REG 252,0 0 6689364 /var/run/nm-dhclient-em4.conf.VMYWQ0 (deleted) NetworkMa 2905 root 214u REG 252,0 0 6689366 /var/lib/NetworkManager/timestamps.D6RWQ0 (deleted) NetworkMa 2905 root 215u REG 252,0 0 6689365 /var/run/nm-dhclient-em4.conf.RMYWQ0 (deleted) <div> thank you very much to thank </div></div><div> </div><div>Atte;</div><div> </div><div>Juan Guerrero</div></div> <div class="gmail_quote"><div dir="ltr" class="gmail_attr">El vie, 11 dic 2020 a las 7:46, Topi Miettinen (<<a href="mailto:toiwoton@gmail.com">toiwoton@gmail.com</a>>) escribió: </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 11.12.2020 12.46, Jarkko Sakkinen wrote: > On Wed, Dec 09, 2020 at 10:35:21AM +0200, Topi Miettinen wrote: >> On 9.12.2020 2.15, Jarkko Sakkinen wrote: >>> On Wed, Dec 09, 2020 at 01:15:27AM +0200, Topi Miettinen wrote: >>>>>>> As a further argument, I just did this on a Fedora system: >>>>>>> $ find /dev -perm /ugo+x -a \! -type d -a \! -type l >>>>>>> No results. So making /dev noexec doesn't seem to have any benefit. >>>>>> >>>>>> It's no surprise that there aren't any executables in /dev since >>>>>> removing MAKEDEV ages ago. That's not the issue, which is that >>>>>> /dev is a writable directory (for UID=0 but no capabilities are >>>>>> needed) and thus a potential location for constructing unapproved >>>>>> executables if it is also mounted exec (W^X). >>>>> >>>>> UID 0 can just change mount options, though, unless SELinux or similar is used. And SELinux can protect /dev just fine without noexec. >>>> >>>> Well, mounting would need CAP_SYS_ADMIN in addition to UID 0. Also SELinux >>>> is not universal and the policies might not contain all users or services. >>>> >>>> -Topi >>> >>> What's the data that supports having noexec /dev anyway? With root >>> access I can then just use something else like /dev/shm mount. >>> >>> Has there been out in the wild real world cases that noexec mount >>> of would have prevented? >>> >>> For me this sounds a lot just something that "feels more secure" >>> without any measurable benefit. Can you prove me wrong? >> >> I don't think security works that way. An attacker has various methods to >> choose from, some are more interesting than others. The case where rw,exec >> /dev would be interesting would imply that easier or more common avenues >> would be blocked, for example rw,exec /dev/shm, /tmp, /var/tmp, or >> /run/user/$UID/ for user. Also fileless malware with pure ROP/JOP approach >> with no need for any file system access is getting more common. It does not >> mean that it would not be prudent to block the relatively easy approaches >> too, including /dev. > > What if we add a new mount option "chrexec", which allows exec > for character devices (S_IFCHR). I think devices are a bad match for SGX because devices haven't been executable and SGX is actually an operation for memory. So something like memfd_create(, MFD_SGX) or mmap(,, PROT_READ|PROT_EXEC|PROT_SGX) would be much more natural. Even better would be something that conceptully also works for AMD version (either with the same flags or MFD_SGX / MFD_whatever_the_AMD_version_is). -Topi _______________________________________________ systemd-devel mailing list <a href="mailto:systemd-devel@lists.freedesktop.org" target="_blank">systemd-devel@lists.freedesktop.org</a> <a href="https://lists.freedesktop.org/mailman/listinfo/systemd-devel" rel="noreferrer" target="_blank">https://lists.freedesktop.org/mailman/listinfo/systemd-devel</a> </blockquote></div>