Reputation: 131
Java Heap dump permissions
The java heap dumps generated in a Linux Machine (and most probably Unix machines as well) have restricted access. The heap can only be read by the owner of the process (ACL mask is set to 600). I understand that this is for security reasons. However, I was not able to find any documentation referencing or explaining the behavior. Can anyone point me to the documentation (if any)? Also, is there any way to override this behavior?
Upvotes: 12
Views: 6275
Answers (2)
Reputation: 8552
If you are interested in deep JVM internals, you can check the source code for OpenJDK.
Here is a link for the HeapDumper service: http://hg.openjdk.java.net/jdk7/jdk7/hotspot/file/9b0ca45cd756/src/share/vm/services/heapDumper.cpp
If you dig in, you'll see JVM is creating binary files with S_IREAD | S_IWRITE
4373 // create binary file, rewriting existing file if required
4374 int os::create_binary_file(const char* path, bool rewrite_existing) {
4375 int oflags = O_WRONLY | O_CREAT;
4376 if (!rewrite_existing) {
4377 oflags |= O_EXCL;
4378 }
4379 return ::open64(path, oflags, S_IREAD | S_IWRITE);
4380 }
Upvotes: 5
Reputation: 124
The heap dump is written by the JVM process, which runs as a particular user. Just like any file created by any Linux process, it will be owned by that user.
If you'd like actual documentation, here it is. Look at the description under O_CREAT.
Upvotes: 0
Related Questions
- Jmap can't connect to make a dump
- JMap dump format specification
- Generating Heap Dumps Java JRE7
- Heap Dump Root Classes
- How to take heap dump?
- Can't dump heap on java process
- Give read permission to others for HeapDumpOnOutOfMemoryError file .hprof on generated
- Can you override the file permissions for the heap dump produced by -XX+HeapDumpOnOutOfMemoryError?
- Heap dump with jmap throws NullPointerException
- Is access to the Java Heap restricted to the JVM which runs the program