Re: [PATCH] coredump - as root not only if euid switched

From: Andrew Morton
Date: Thu Apr 22 2004 - 04:58:43 EST

Next message: Vojtech Pavlik: "Re: [PATCH 9/15] New set of input patches: atkbd timeout complaints"
Previous message: Peter Waechtler: "Re: [PATCH] coredump - as root not only if euid switched"
In reply to: Peter Waechtler: "Re: [PATCH] coredump - as root not only if euid switched"
Next in thread: Peter Wächtler: "Re: [PATCH] coredump - as root not only if euid switched"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Peter Waechtler <pwaechtler@xxxxxxx> wrote:
>
> >(why are you trying to unlink the old file anyway?)
> >
>
> For security measure :O
> I tried on solaris: touch the core file as user, open it and wait, dump core
> as root -> nope, couldn't read the damn core - it was unlinked and created!

hm, OK. There's a window in which someone can come in and recreate the
file, but the open is using O_EXCL|O_CREATE so that seems safe enough.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vojtech Pavlik: "Re: [PATCH 9/15] New set of input patches: atkbd timeout complaints"
Previous message: Peter Waechtler: "Re: [PATCH] coredump - as root not only if euid switched"
In reply to: Peter Waechtler: "Re: [PATCH] coredump - as root not only if euid switched"
Next in thread: Peter Wächtler: "Re: [PATCH] coredump - as root not only if euid switched"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]