Phil Pennock wrote: > This is the entire problem -- the transport runs as non-root, so can
> only raise the core size current ulimit to the configured maximum. Only
> root can raise maximum values. This is kernel-enforced.
>
> But Exim sets both the current *and* the maximum values to 0.
>
> If Exim set only the current value, leaving the maximum as
> RLIM_INFINITY, then Jorg could indeed do exactly as you say. It's
> because Exim is taking an action which only root can reverse that
> there's an issue.
> Since it's an external program that's crashing, why not write a
setuid-root wrapper that raises RLIMIT_CORE, goes back to an
unprivileged user, and exec's the "real" program? You want to be extra
careful of course :)
FWIW I dislike it when software tries to be too clever. If I want to
disable core dumps, I can invoke exim from a context that already has
the limit set to zero, such as in my startup script. Also, having to
patch a program just to be able to debug risks invoking heissenbug
behaviour, although in this case it Should (tm) be irrelevant as it's
the transport crashing, not exim.