| 1 |
>>> Check out 'ulimit -a' or search for 'ulimit' in bash(1). |
| 2 |
>> |
| 3 |
>> I read about ulimit and I'm wondering if I need to worry about |
| 4 |
>> increasing that coredump size from zero. Can I just ignore those |
| 5 |
>> grsec messages without causing a problem? |
| 6 |
> |
| 7 |
> Allowing core dumps will enable failed applications to dump a copy of |
| 8 |
> their memory to disk; generally this only causes issues if you're |
| 9 |
> disk-space sensitive. It can also be an issue for applications that |
| 10 |
> hold sensitive data (like passwords) in-memory. |
| 11 |
> |
| 12 |
> If you can, yes - just ignore the RLIMIT_CORE ones. You probably want |
| 13 |
> to find out why applications are trying to dump, but the messages are |
| 14 |
> a symptom rather than the cause. |
| 15 |
|
| 16 |
It turns out I need to issue 'paxctl -m |
| 17 |
/usr/lib64/mozilla-firefox/firefox' to prevent firefox from crashing |
| 18 |
when watching a cnn.com video. Is that a huge security issue? |
| 19 |
|
| 20 |
- Grant |
Archives