Re: Imaging a "live" system

From: Raymond M. Reskusich (reskusicat_private)
Date: Mon Jun 24 2002 - 08:51:08 PDT


    On Fri, Jun 21, 2002 at 11:54:48AM -0700, Kohlenberg, Toby wrote:
    > I have to say I'm surprised the path this discussion has taken- the
    > real issue I have run into is not the need to not bring systems down
    > or get a freeze of a live system- that isn't too hard to handle in one
    > way or another. The problem I have yet to hear a decent solution for is
    > how to get a dump of what is in memory off a running system when you
    > don't necessarily have root control over the system. 
    
    I'm not saying this is impossible, because there are all sorts of
    situations that would make this possible.  But all of these situations
    are bad from a system administrator point of view.  If non-root users
    can get a memory dump of the system, then there is a pretty serious
    security hole that would let them root the system fairly easily given
    enough patience and knowledge.  
    
    I realize this isn't too helpful.  There are times during a crisis
    when it doesn't matter whether or not a capability you need is a good
    idea.  But getting a memory dump off a well-run system you don't have
    root on == hacking the system.  My advice: enlist the aid of whoever
    has root.  If you can't, your options are few, and may not end up of
    much better quality than pulling the power cord and hoping the pages
    on memory you're interested in are in the swap file.  If this were a
    serious last ditch option, you could improve your chances by starting
    some nice artificial memory+cpu hog processes just before doing it to
    force a lot of swap-outs.  Or you could hope that the sysadmin isn't
    doing his job well and hack the system.
    
    Raymond M. Reskusich
    
    
    


