[rfc] hs_err log in temp readable for all
Jiri Vanek
jvanek at redhat.com
Thu May 22 07:39:29 UTC 2014
On 05/21/2014 10:02 PM, Dmitry Samersoff wrote:
Hello Dmitry,
Thank you for the explanation!
J.
> Jiri,
>
> There are plenty of tools that rely on the presence of an hs_err* file to
> monitor Java apps etc.
>
> Readability of the hs_err file is also important because, typically,
> monitoring software does not run under the same user as the main Java app.
>
> It is probably better to keep the hs_err file "group readable" only, but
> the compatibility impact of such a decision should be carefully evaluated.
>
> If a world-readable hs_err file is not acceptable for your system, you can
> change umask to have restricted permissions.
>
> e.g.:
>
>> umask 0555
> ...
>> kill -BUS <java_process_pid>
>
> ---------- 1 dms dms 26419 May 21 23:52 hs_err_pid15822.log
>
> -Dmitry
>
> On 2014-05-19 17:21, Jiri Vanek wrote:
>> Hi!
>>
>> I run the JVM in a read-only directory on a shared server and from time to
>> time it fails. However, I noted that hs_logs, which then go to the TMP
>> directory, are readable by all.
>> It may contain private information, and I think that this file should
>> be readable only by its owner.
>>
>> The attached webrevs fix it:
>> for all hs_err logs -
>> http://jvanek.fedorapeople.org/oracle/jdk9/stricter_permissions/minimal/1/webrev/
>>
>> for hs_log in tmp only -
>> http://jvanek.fedorapeople.org/oracle/jdk9/stricter_permissions/better/1/webrev/
>>
>>
>> If I am to be even more paranoid, then I think that the hs_err{pid} name is
>> predictable, and can point to a pre-created pipe. Maybe this 0600 file
>> should be placed in a 0700 directory with salt in the name. Or add the salt
>> to the file itself (when created in tmp).
>>
>> I will be happy to adapt the patch for your needs.
>>
>> Best regards,
>> J.
>
>
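Added example, not from the thread or the linked webrevs: one way to open a crash log so that a pre-created FIFO or symlink at the predictable `hs_err_pid<pid>.log` name is refused and the file is owner-only even under a permissive umask. The function names, the `/tmp/hs_demo_XXXXXX` scratch directory and pid 4242 are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not HotSpot code): open <dir>/hs_err_pid<pid>.log,
 * owner-only. Returns an fd, or -1 with errno set. */
int open_crash_log(const char *dir, long pid, char *path, size_t len)
{
    struct stat st;
    if (snprintf(path, len, "%s/hs_err_pid%ld.log", dir, pid) >= (int)len) {
        errno = ENAMETOOLONG; return -1;
    }
    /* O_CREAT|O_EXCL fails with EEXIST if anything (file, symlink, FIFO)
     * already has this name; mode 0600 is an upper bound, umask only removes bits. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    /* Defence in depth: a regular file we own, with no group/other bits. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || (st.st_mode & 077) != 0) {
        close(fd); errno = EPERM; return -1;
    }
    return fd;
}

/* Constructed scenario in a private scratch directory. Returns 0 when a
 * pre-created FIFO is refused and a freshly created log is exactly 0600. */
int crash_log_selfcheck(void)
{
    char dir[] = "/tmp/hs_demo_XXXXXX", path[256];
    struct stat st;
    int rc = 1;
    if (!mkdtemp(dir)) return 1;          /* mkdtemp creates the directory 0700 */
    mode_t old = umask(0);                /* worst case: fully permissive umask */
    snprintf(path, sizeof path, "%s/hs_err_pid%ld.log", dir, 4242L);
    if (mkfifo(path, 0666) == 0 &&
        open_crash_log(dir, 4242, path, sizeof path) == -1 && errno == EEXIST) {
        unlink(path);                     /* remove the planted FIFO, retry */
        int fd = open_crash_log(dir, 4242, path, sizeof path);
        if (fd >= 0 && fstat(fd, &st) == 0 && (st.st_mode & 0777) == 0600) rc = 0;
        if (fd >= 0) close(fd);
    }
    unlink(path); rmdir(dir); umask(old);
    return rc;
}

int main(void) { return crash_log_selfcheck(); }
```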