Explicitly disable dumping core (closes #72)

This is a precaution to avoid saving sensitive data to disk, e.g. session keys.
We expect that core files are not world readable, but they're still sitting on
the physical disk and it's safer just to disable creating them.

GitHub issue #71 deals with a similar concern.
Author: Keegan McAllister
Date: 2012-03-21 08:46:42 -04:00
Committed by: Keith Winstein
Parent: b6c3e450fd
Commit: 9f38c76699
4 changed files with 23 additions and 0 deletions
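The precaution the commit describes, as an added example that is not mosh's code and not part of this commit: it zeroes RLIMIT_CORE the same way the patch does, adds the Linux-only prctl(PR_SET_DUMPABLE, 0) step that also covers piped core_pattern setups, and reads both settings back so the result can be checked rather than assumed. It assumes a POSIX system with a C++ compiler; the prctl part is compiled only on Linux, and the function names are mine, not the project's.

```cpp
// Added example, not mosh code: disable core dumps (RLIMIT_CORE soft and
// hard set to 0, as in the commit), add the Linux-only prctl step, and read
// both settings back to confirm them.
#include <cerrno>
#include <cstdio>
#include <sys/resource.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

// Zero both the soft and the hard RLIMIT_CORE. Lowering a limit needs no
// privilege, so a well-formed call does not fail; zeroing the hard limit
// too means an unprivileged process cannot raise it again later.
// Returns 0 on success, -1 with errno set otherwise.
int disable_core_dumps_rlimit()
{
    struct rlimit limit;
    limit.rlim_cur = 0;
    limit.rlim_max = 0;
    return setrlimit(RLIMIT_CORE, &limit);
}

// Linux only: clear the process "dumpable" flag. The kernel then writes no
// core at all, including when kernel.core_pattern starts with '|' and the
// dump is piped to a helper (systemd-coredump, apport), a case in which the
// kernel does not apply RLIMIT_CORE itself. Side effect: unprivileged
// ptrace attach to this process is refused. Returns 0 on success, -1
// otherwise (errno ENOSYS on platforms without prctl).
int disable_core_dumps_prctl()
{
#ifdef __linux__
    return prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
#else
    errno = ENOSYS;
    return -1;
#endif
}

// 1 if both RLIMIT_CORE limits read back as zero, 0 otherwise.
int core_rlimit_is_zero()
{
    struct rlimit limit;
    if (getrlimit(RLIMIT_CORE, &limit) != 0)
        return 0;
    return (limit.rlim_cur == 0 && limit.rlim_max == 0) ? 1 : 0;
}

// 1 if the process is non-dumpable, 0 if dumpable, -1 where unknown.
int process_is_nondumpable()
{
#ifdef __linux__
    int r = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
    if (r < 0)
        return -1;
    return (r == 0) ? 1 : 0;
#else
    return -1;
#endif
}

// Try to raise RLIMIT_CORE to 1 MiB after it was zeroed. An unprivileged
// process gets EPERM because the hard limit is zero; a process with
// CAP_SYS_RESOURCE (root) can still raise it. Returns 1 if blocked with
// EPERM, 0 if the raise succeeded, -1 on any other error.
int raising_core_limit_is_blocked()
{
    struct rlimit limit;
    limit.rlim_cur = 1 << 20;
    limit.rlim_max = 1 << 20;
    if (setrlimit(RLIMIT_CORE, &limit) == 0)
        return 0;
    return (errno == EPERM) ? 1 : -1;
}

int main()
{
    // Same failure handling as the commit: report and exit, no exceptions.
    if (disable_core_dumps_rlimit() != 0) {
        perror("setrlimit(RLIMIT_CORE)");
        return 1;
    }
    if (disable_core_dumps_prctl() != 0 && errno != ENOSYS) {
        perror("prctl(PR_SET_DUMPABLE)");
        return 1;
    }
    printf("RLIMIT_CORE soft/hard zero: %s\n", core_rlimit_is_zero() ? "yes" : "no");
    int nd = process_is_nondumpable();
    printf("process non-dumpable:       %s\n",
           nd == 1 ? "yes" : nd == 0 ? "no" : "n/a");
    int blocked = raising_core_limit_is_blocked();
    printf("re-raising the limit:       %s\n",
           blocked == 1 ? "blocked (EPERM)" : blocked == 0 ? "allowed (privileged)" : "failed");
    return 0;
}
```

Before relying on the rlimit alone on a Linux host, look at `/proc/sys/kernel/core_pattern`: if it begins with `|`, the dump is handed to a user-space helper and whether a zero limit is honoured is up to that helper, which is why the prctl step is worth adding alongside the commit's setrlimit call.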
@@ -20,6 +20,7 @@
#include <stdio.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/resource.h>
#include "byteorder.h"
#include "crypto.h"
@@ -246,3 +247,17 @@ Message Session::decrypt( string ciphertext )
return ret;
}
/* Disable dumping core, as a precaution to avoid saving sensitive data
to disk. */
void Crypto::disable_dumping_core( void ) {
struct rlimit limit;
limit.rlim_cur = 0;
limit.rlim_max = 0;
if ( 0 != setrlimit( RLIMIT_CORE, &limit ) ) {
/* We don't throw CryptoException because this is called very early
in main(), outside of 'try'. */
perror( "setrlimit(RLIMIT_CORE)" );
exit( 1 );
}
}
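Review bot: RLIMIT_CORE alone does not cover every Linux configuration, so the comment above `Crypto::disable_dumping_core` overstates what `setrlimit( RLIMIT_CORE, &limit )` guarantees. When `kernel.core_pattern` starts with `|` the kernel pipes the dump to a user-space helper (apport, systemd-coredump) without applying the size limit itself, and a zero limit then only helps if the helper chooses to honour it; consider pairing the call with `prctl( PR_SET_DUMPABLE, 0 )` on Linux, which makes the kernel skip the dump entirely (at the cost of also refusing unprivileged ptrace attach, which is usually desirable for a process holding session keys). Two smaller points: zeroing `rlim_max` as well is the right choice because it makes the change irreversible for an unprivileged process, but that is worth a sentence in the comment since a developer can no longer re-enable dumps with `ulimit -c` for a running instance; and since lowering a limit never needs privilege, the `perror` / `exit( 1 )` branch is effectively unreachable, so an `EINVAL` here would point at a bug rather than at the environment.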