Re: [PATCH] coredump - as root not only if euid switched

From: Peter Waechtler
Date: Fri Apr 23 2004 - 02:16:13 EST

On Thursday, April 22, 2004, at 10:05PM, Linus Torvalds <torvalds@xxxxxxxx> wrote:

>On Thu, 22 Apr 2004, Peter W�chtler wrote:
>> > hm, OK. There's a window in which someone can come in and recreate the
>> > file, but the open is using O_EXCL|O_CREATE so that seems safe enough.
>> So here is the updated patch with an open coded call to sys_unlink
>Wouldn't it be much nicer to just refuse to overwrite files owned by
>anybody else?
>In other words, I'd much rather see a patch that is a much simpler one,
>which just says: if we opened an existing file, we won't touch it if we
>weren't the owners of it.
>That should be safe for root _and_ it should be safe for people who
>already had a file descriptor open previously (hey, if the previous
>root-owned core-file was world readable, then what else is new?)

the previous core was owned by user.donttellyourwisdom
The root process happily dumps it's core into it, doesn't change
ownership nor permissions.

>Tell me why this isn't simpler?
I can't it's simpler.
If you are interested in the core (you don't because you don't make
errors, you don't even use debuggers but change the VM ;> )
you get it, otherwise you have an old one.

>--- 1.111/fs/exec.c Wed Apr 21 02:11:57 2004
>+++ edited/fs/exec.c Thu Apr 22 13:03:27 2004
>@@ -1378,6 +1378,8 @@
> inode = file->f_dentry->d_inode;
> if (inode->i_nlink > 1)
> goto close_fail; /* multiple links - don't dump */
>+ if (inode->i_uid != current->euid || inode->i_gid != current->egid)
>+ goto close_fail;
> if (d_unhashed(file->f_dentry))
> goto close_fail;
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at