Date: Thu, 21 Feb 2008 04:18:56 +0100 From: Joerg Sonnenberger <joerg@britannica.bec.de> To: freebsd-hackers@freebsd.org Cc: ari edelkind <edelkind-freebsd-hackers@episec.com> Subject: Re: encrypted executables Message-ID: <20080221031856.GA17599@britannica.bec.de> In-Reply-To: <20080221023902.GI79355@episec.com> References: <86068e730802181718s1ad50d3axeae0dde119ddcf92@mail.gmail.com> <47BA3334.4040707@andric.com> <86068e730802181954t52e4e05ay65e04c5f6de9b78a@mail.gmail.com> <20080219040912.GA14809@kobe.laptop> <f8e3d83f0802200451r463f188bn881268b9b2768846@mail.gmail.com> <47BCD34F.7010309@freebsd.org> <20080221023902.GI79355@episec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 20, 2008 at 09:39:03PM -0500, ari edelkind wrote: > Mind you, it's true that disabling core dumps with a resource limit > doesn't keep one from creating a core image using gcore, but since gcore > generally must either attach to a process using ptrace() or access > mapped code segments in the original binary (depending on the > implementation), it won't help in such a case, either. What prevents me from patching the kernel (!) to just ignore the resource limit? Nothing. Joerg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080221031856.GA17599>