Re: Core dumps and being root

David Schleef (
Mon, 27 Jul 1998 16:04:36 -0700 (PDT)

> Someone pointed this out on irc and much to my suprise its true.
> With 2.1.10x programs run as root by root with uid==gid euid==egid
> are not dumpable. So you can't core dump programs as root. This
> seems to be because
> if (current->euid != current->uid || current->egid != current->gid ||
> !cap_isclear(current->cap_permitted))
> current->dumpable = 0;
> doesn't account for the superuser - who has special rights but shouldnt
> be stopped from core dumping as those rights are (in normal unix anyway)
> not 'raised' but implicit.
> Alan

Doesn't this open a huge security hole? Right now, a user can do the

ln -s some_other_file core

and get a core dump in some_other_file.

Now, suppose root can dump core. Then if there is a link from core to, say,
/etc/passwd, strategically located, and root dumps core in that directory...

I don't think there is a problem if root core dumps were always placed in
/root/core, or some other "safe" location. But not the current directory.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at