From owner-freebsd-questions Sat Sep 18 4:43:58 1999 Delivered-To: freebsd-questions@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id 03AAD14E54 for ; Sat, 18 Sep 1999 04:43:42 -0700 (PDT) (envelope-from ben@scientia.demon.co.uk) Received: from lithium.scientia.demon.co.uk ([192.168.0.3] ident=exim) by scientia.demon.co.uk with esmtp (Exim 3.032 #1) id 11SIS7-000NzC-00; Sat, 18 Sep 1999 12:14:47 +0100 Received: (from ben) by lithium.scientia.demon.co.uk (Exim 3.032 #1) id 11SIS5-00017D-00; Sat, 18 Sep 1999 12:14:45 +0100 Date: Sat, 18 Sep 1999 12:14:45 +0100 From: Ben Smithurst To: Spidey Cc: Freebsd Questions Mailing list Subject: Re: Limiting core dumps for users Message-ID: <19990918121445.A4234@lithium.scientia.demon.co.uk> References: <14307.3231.325388.238041@freed.dyn.ez-ip.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.6i In-Reply-To: <14307.3231.325388.238041@freed.dyn.ez-ip.net> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Spidey wrote: > By the login.conf manpage, if I do this: > > default:\ > [...] > :coredumpsize=0:\ > [...] > > It will forbid users from doing core dumps. Am I right? Should do. You *did* remember to do cap_mkdb /etc/login.conf, yes? > If I am, why does this 'classless' user can do this: > > bash-2.03$ cat > core.c > /* do a coredump */ > > int main( int argc, char** argv) { > > int *i = 0; > i[0] = 1; > > } > bash-2.03$ gcc core.c -o core > bash-2.03$ ./core > Segmentation fault (core dumped) > bash-2.03$ ls -l core* > -rwxr-xr-x 1 marc guest 3084 Sep 17 23:18 core > -rw-r--r-- 1 marc guest 82 Sep 17 23:18 core.c > -rw------- 1 marc guest 266240 Sep 17 23:19 core.core > bash-2.03$ Try `limits` at that prompt to see what the coredump limit actually is. If you've done cap_mkdb, and it still shows a non-zero value for coredumpsize, then I don't know. > FreeBSD freed.dyn.ez-ip.net 3.3-RC FreeBSD 3.3-RC #16: Fri Sep 10 > 21:09:10 EDT 1999 > spidey@freed.dyn.ez-ip.net:/usr/src/sys/compile/HALL i386 > > which.... hum... is supposed to be -stable, but I think is the > 'pre-release' am I right? What is -RC? Release Candidate. -- Ben Smithurst | PGP: 0x99392F7D ben@scientia.demon.co.uk | key available from keyservers and | ben+pgp@scientia.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message