Re: Patch for comment: setuid core dumps

From: Alan Cox
Date: Mon Sep 27 2004 - 16:16:06 EST

Next message: Steven Pratt: "Re: [PATCH/RFC] Simplified Readahead"
Previous message: Dax Kelson: "Re: thinkpad issue --No PCMCIA hotplug activity when onboard nic(e1000) down"
In reply to: Chris Wright: "Re: Patch for comment: setuid core dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 27, 2004 at 02:03:53PM -0700, Chris Wright wrote:
> > +2 - (suidsafe) - any binary which normally not be dumped is dumped
> > + readable by root only. This allows the end user to remove
> > + such a dump but not access it directly. For security reasons
> > + core dumps in this mode will not overwrite one another or
> > + other files. This mode is appropriate when adminstrators are
> > + attempting to debug problems in a normal environment.
> > +
>
> But, in general, did you double check how this plays with /proc
> (task_dumpable) and ptrace_attach type stuff? That seems sketchy.

I reviewed it in terms of ptrace. I'll review the /proc stuff in detail. I'd
not given that anything like sufficient thought.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Steven Pratt: "Re: [PATCH/RFC] Simplified Readahead"
Previous message: Dax Kelson: "Re: thinkpad issue --No PCMCIA hotplug activity when onboard nic(e1000) down"
In reply to: Chris Wright: "Re: Patch for comment: setuid core dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]