BIND less restrictive modes and policy

Steve Grubb sgrubb at redhat.com
Tue Jan 22 18:22:20 UTC 2008


On Tuesday 22 January 2008 11:04:11 Adam Tkac wrote:
> I don't think so. As I wrote in
> https://bugzilla.redhat.com/show_bug.cgi?id=400461#c21 named is able
> to produce a core file after setuid when the /var/named directory is
> writable by the named user. This is the main reason why I want this
> directory writable. It means that you will always have a core file when
> named gets sigsegv (no additional setup is needed, only a writable
> /var/named).

To me, that is not enough reason. You have to do some work to allow coredumps
at all. So, the admin may as well use /proc/sys/kernel/core_name_format to
tell the kernel where to put the file.

-Steve



