Re: [exim] Exim drops core size

Top Page

Reply to this message
Author: Jörg Sommer
Date:  
To: exim-users
Subject: Re: [exim] Exim drops core size
Hallo Nigel,

Nigel Metheringham <nigel.metheringham@???> wrote:
>
> On 29 Mar 2009, at 10:06, Jörg Sommer wrote:
>
>> That's not a debugging feature. It's a resource limit Exim
>> manipulates.
>> There's no reason why Exim should change this limit.
>
> Exim runs setuid root. Dropping core (while never a good thing) is a
> security issue for setuid root programs.


Very interesting assertion, but why doesn't exim do it?

# grep core /proc/26428/limits 
Max core file size        unlimited            unlimited            bytes
# ls -l /proc/26428/exe
lrwxrwxrwx 1 root root 0 Mar 29 22:55 /proc/26428/exe -> /usr/sbin/exim4


At least for Linux, your assertion is wrong. Linux doesn't create dumps
of setuid processes. See suid_dumpable in proc(5).

Bye, Jörg.
--
Du hast keine Chance – also nutze sie.