bash – What does "kernel.suid_dumpable = 1" mean on Red Hat?
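I am running a bash script that copies some log files and then restarts a service on a Red Hat box. Every time I execute the script, I get the following on the console:
[root@servername ~]# sh /bin/restart_nss.sh
In this case, what does "kernel.suid_dumpable = 1" mean?
Thanks,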
Some background:
setuid bit:
core dump:
suid_dumpable:
sudo sysctl -w kernel.suid_dumpable=2
You can find documentation for this tunable in the source files, which, if installed, are in the following directory: /usr/src/linux-source-2.6.27/Documentation/sysctl/. In this case, the reference quoted below is in fs.txt in that directory. Use the uname -a command to find your kernel version.
Why it matters:
This can be a security risk:
Reference:
This value can be used to query and set the core dump mode for setuid or otherwise protected/tainted binaries. The modes are
0 - (default) - traditional behaviour. Any process which has changed privilege levels or is execute only will not be dumped
1 - (debug) - all processes dump core when possible. The core dump is owned by the current user and no security is applied. This is intended for system debugging situations only.
2 - (suidsafe) - any binary which normally would not be dumped is dumped readable by root only. This allows the end user to remove such a dump but not access it directly. For security reasons core dumps in this mode will not overwrite one another or other files. This mode is appropriate when administrators are attempting to debug problems in a normal environment.
(Editor: 李大同)
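The mode table quoted in the answer above, turned into a small audit check. This is an added example, not part of the original post: it finds the value a sysctl.conf-style file would leave in effect and compares it with the running kernel. The function names and the sample config are constructed for illustration, and accepting the fs.suid_dumpable spelling (used by newer kernels) alongside kernel.suid_dumpable is an assumption.

```shell
# Added example: audit the setuid core dump mode (meanings per the fs.txt quote).

# Print the last value assigned to suid_dumpable in sysctl.conf-style text on stdin.
# Assumption: accept kernel.suid_dumpable (this page) and fs.suid_dumpable (newer kernels).
effective_suid_dumpable() {
    awk '
        /^[ \t]*[#;]/ { next }   # skip comment lines
        {
            n = index($0, "=")
            if (n == 0) next
            key = substr($0, 1, n - 1); val = substr($0, n + 1)
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            if (key == "kernel.suid_dumpable" || key == "fs.suid_dumpable") last = val
        }
        END { if (last != "") print last }
    '
}

# Map a mode to a verdict: 0 and 2 restrict dumps, 1 is for debugging only.
classify_suid_dumpable() {
    case "$1" in
        0) echo "ok: processes that changed privilege are not dumped" ;;
        1) echo "risk: dump owned by current user, no security applied" ;;
        2) echo "ok: dump is readable by root only" ;;
        *) echo "unknown: unexpected value '$1'" ;;
    esac
}

# Read the running kernel's value, trying both /proc locations.
runtime_suid_dumpable() {
    for f in /proc/sys/kernel/suid_dumpable /proc/sys/fs/suid_dumpable; do
        [ -r "$f" ] && { cat "$f"; return 0; }
    done
    return 1
}

# Constructed sample config: the later assignment overrides the earlier one.
SAMPLE_CONF='# constructed sample, not from a real host
kernel.suid_dumpable = 2
kernel.core_uses_pid = 1
kernel.suid_dumpable=1'

conf_val=$(printf '%s\n' "$SAMPLE_CONF" | effective_suid_dumpable)
echo "configured: $conf_val -> $(classify_suid_dumpable "$conf_val")"
if run_val=$(runtime_suid_dumpable); then
    echo "running:    $run_val -> $(classify_suid_dumpable "$run_val")"
fi
```

To check a real host, feed the function its own configuration, for example `effective_suid_dumpable < /etc/sysctl.conf`.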