On Wed, May 22, 2013 at 9:22 AM, Tollef Fog Heen <[email protected]> wrote: > ]] Oleksii Shevchuk > >> > > For security reasons. It will be better if user will not have access to >> > > own cores by default (situation is the same with journal backend in >> > > upstream now). >> >> > Why? >> >> When apps like gpg/lastpass/whatelse-with-passwords crashes, then user >> probably >> will not be very happy to have all that data accessible as is. > > They should either be sgid some group and then setgid to the user's > group or just use prctl(PR_SET_DUMPABLE, 0).
`gpg` already disables core dumps by setting RLIMIT_CORE to zero. -- Mantas Mikulėnas <[email protected]> _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
