Re: current->dumpable=0

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: T.Mertes@mobilkom.at: "which pci sound card does not have dropouts under load"
• Previous message: Craig I. Hagan: "Re: 2.2.x and SMP"
• Next in thread: Andrea Arcangeli: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
• Reply: Andrea Arcangeli: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
• Reply: Alexander Viro: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
• Reply: Andrea Arcangeli: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"

> Is there any reason for setting current->dumpable to 0 in sys_setuid()?
> It seems to me it doesn't close any security problem (since you need to
> be root to change UID and if it the program was setuid, core dumps
> should have been already disabled at this point) and it makes debugging
> of daemons switching their UID a lot harder.

Consider the case where login (or some other such program - maybe ftpd)
switches uid but still has a lump of the shadow password file somewhere,
or of some unreadable config file.

Perhaps we should add a SIGCORE which just causes the kernel to drop the
process image as a core file (without necessarily killing the process).

Matthew.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: T.Mertes@mobilkom.at: "which pci sound card does not have dropouts under load"
• Previous message: Craig I. Hagan: "Re: 2.2.x and SMP"
• Next in thread: Andrea Arcangeli: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
• Reply: Andrea Arcangeli: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
• Reply: Alexander Viro: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"
• Reply: Andrea Arcangeli: "Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:"