On Wed, Jan 15, 2025 at 02:22:08PM +0100, nicolas.bouchinet@xxxxxxxxxxx wrote:Uhm, I think your right, its seems to be functionally identical.
Any negative write or >= to INT_MAX in core_pipe_limit sysctl wouldIsn't this true for "0" too (the default)? I'm not opposed to the change
hypothetically allow a user to create very high load on the system by
running processes that produces a coredump in case the core_pattern
sysctl is configured to pipe core files to user space helper.
Memory or PID exhaustion should happen before but it anyway breaks the
core_pipe_limit semantic.
since it makes things more clear, but I don't think the >=INT_MAX
problem is anything more than "functionally identical to 0". :)
Reviewed-by: Kees Cook <kees@xxxxxxxxxx>