The oradism binary was initially created for managing Dynamic Intimate Shared Memory on Solaris, but it has since evolved a lot (increasing the attack surface) and is nowadays used for many operations requiring root privileges on our Linux system. By the way, I picked its new name, “Directly Intimate Shared Monster”, from Frits Hoogland on Twitter, and I think it fits better 🙂
I would say that if dism stands for directly intimate shared monster, it seems a fitting description? No?
— Frits Hoogland (@fritshoogland) October 22, 2020
The purpose of this blog post is to try to enumerate some of those operations using an Oracle 20c preview version (armed with my old friends systemtap, etc. 🙂)
Elevating priority of some key background processes :


The vktm process is now scheduled under one of the real-time policies (SCHED_RR).
Setting the adjustment value for the OOM killer score (OOMScoreAdjust) :



The value is now set to -1000. The lower the value, the lower the chance that the process is going to be killed.
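Both settings described above (the real-time policy of vktm and the OOM score adjustment) can be checked from /proc without extra tooling. The Python below is an added example, not code from the original post or from Oracle; the sample stat line, the process name ora_vktm_orcl, the -1000 passed for the sample and the function names are constructed for illustration.

```python
"""Audit scheduling policy and OOM protection of a process from /proc."""
import sys
from pathlib import Path

# Policy numbers from the Linux scheduler ABI (sched.h).
POLICIES = {0: "SCHED_OTHER", 1: "SCHED_FIFO", 2: "SCHED_RR",
            3: "SCHED_BATCH", 5: "SCHED_IDLE", 6: "SCHED_DEADLINE"}

# Constructed sample, not captured from a real system: a vktm-like process.
SAMPLE_STAT = ("4242 (ora_vktm_orcl) S 1 4242 4242 0 -1 4194560 100 0 0 0 5 5 0 0 "
               "-2 0 1 0 12345 1000000 200 18446744073709551615 1 1 0 0 0 0 0 0 0 "
               "0 0 0 17 2 1 2 0 0 0 0 0 0 0 0 0 0 0")


def parse_stat(line):
    """Return (comm, rt_priority, policy name) from a /proc/<pid>/stat line."""
    # comm is set by the process itself and may contain spaces or ')', so
    # split on the LAST ')' rather than on whitespace.
    left, _, right = line.rpartition(")")
    comm = left.partition("(")[2]
    rest = right.split()          # rest[0] is field 3 (state)
    rt_priority = int(rest[37])   # field 40
    policy = int(rest[38])        # field 41
    return comm, rt_priority, POLICIES.get(policy, f"unknown({policy})")


def audit(comm, rt_priority, policy, oom_score_adj):
    """Flag the two privileged settings discussed in the text."""
    findings = []
    if policy in ("SCHED_FIFO", "SCHED_RR"):
        findings.append(f"{comm}: real-time policy {policy}, rt_priority {rt_priority}")
    if oom_score_adj == -1000:
        findings.append(f"{comm}: oom_score_adj -1000, exempt from the OOM killer")
    return findings


def audit_pid(pid):
    """Read the live values for one PID (Linux only)."""
    base = Path("/proc") / str(pid)
    comm, prio, policy = parse_stat((base / "stat").read_text())
    adj = int((base / "oom_score_adj").read_text())
    return audit(comm, prio, policy, adj)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print("\n".join(audit_pid(int(sys.argv[1]))) or "nothing flagged")
    else:  # no PID given: run on the constructed sample
        print("\n".join(audit(*parse_stat(SAMPLE_STAT), -1000)))
```

Run it with a PID as the only argument to audit a live process, or with no argument to see the output for the constructed sample.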
Operations related to dbnest initialization (cgroups/namespaces/directory needed for bind mount) :
Some functions seem to be related to cgroups, the nest network (needs a network namespace; have to check that!), and namespace configuration :

Example of configuring a cgroup :


Example of creating a directory for bind mount used for FS isolation :



Example of configuring the mappings for user and group IDs inside the user namespace.


Operations related to direct NFS :

Operations related to the configuration of huge pages (allocate/deallocate):



And I’m still thinking about dbnest and the network namespace; I have to check that, stay tuned :p
That’s it 🙂