[File-cvs] CVS commit: file/src
Christos Zoulas
christos at zoulas.com
Sun Feb 4 20:03:56 UTC 2024
Module Name: file
Committed By: christos
Date: Sun Feb 4 20:03:56 UTC 2024
Modified Files:
file/src: seccomp.c
Log Message:
PR/471: Alexander Monakov: Disable PR_SET_DUMPABLE
Making the process "not dumpable" has the following effects:
* core dumps are not produced
* ptrace-attaching to this process is disallowed
* files in /proc/<pid> become owned by root
Hence, it doesn't contribute to seccomp's goal of preventing attacks via
a hijacked 'file' process, and instead limits the ability to observe a
running (or crashing) 'file' program, which is
To generate a diff of this commit:
cvs rdiff -r1.25 -r1.26 file/src/seccomp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
More information about the File-cvs
mailing list