1 |
>>> Check out 'ulimit -a' or search for 'ulimit' in bash(1). |
2 |
>> |
3 |
>> I read about ulimit and I'm wondering if I need to worry about |
4 |
>> increasing that coredump size from zero. Can I just ignore those |
5 |
>> grsec messages without causing a problem? |
6 |
> |
7 |
> Allowing core dumps will enable failed applications to dump a copy of |
8 |
> their memory to disk; generally this only causes issues if you're |
9 |
> disk-space sensitive. It can also be an issue for applications that |
10 |
> hold sensitive data (like passwords) in-memory. |
11 |
> |
12 |
> If you can, yes - just ignore the RLIMIT_CORE ones. You probably want |
13 |
> to find out why applications are trying to dump, but the messages are |
14 |
> a symptom rather than the cause. |
15 |
|
16 |
It turns out I need to issue 'paxctl -m |
17 |
/usr/lib64/mozilla-firefox/firefox' to prevent firefox from crashing |
18 |
when watching a cnn.com video. Is that a huge security issue? |
19 |
|
20 |
- Grant |