RFC: Allowing existing file when writing a heap dump
Chris Plummer
chris.plummer at oracle.com
Wed Feb 24 20:16:52 UTC 2021
Right now the failure helps the user avoid potentially inadvertently
overwriting a file, so I think at the very least it should continue to
fail for regular files. I'm a bit less clear on how pipes, ttys, and
domain sockets work here. Are you saying they are all pseudo files that
already exist and can't be deleted, and therefore you currently can't
dump the heap to them?
Chris
On 2/23/21 11:45 PM, Schmelter, Ralf wrote:
> Hi,
>
> as described in https://bugs.openjdk.java.net/browse/JDK-8200579 it could be useful to be able to specify an already existing 'file' to be able to stream the heap dump directly to a named pipe on Windows or a tty or domain socket on Unix, especially on systems with low disk space. Since we now don't have the requirement to seek anymore, when we open the file with os::create_binary_file(<path>, true) instead of os::create_binary_file(<path>, false) we could just do that.
>
> However, I'm not sure how this would be feasible from a security perspective, since this would allow users who have the permission to trigger a heap dump to overwrite files. One could check if the opened file is one of the special types (pipes, tty, domain sockets) and allow it only for these cases.
>
> What do you think?
>
> Best regards,
> Ralf
More information about the serviceability-dev
mailing list