Re: core dump oddities

Pawel S. Veselov (vps@unicorn.niimm.spb.su)
Wed, 1 Oct 1997 22:15:13 +0300 (MSK)


Hello, Pavel!

On Wed, 1 Oct 1997, Pavel Machek wrote:

>I've noticed the following code in the kernel (which makes problems for me
>because my forumd does setuid( nobody ) and then it can not dump
>core). I would like to ask why it is this way.
>

[skipped]

> if (current->euid != old_euid)
> current->dumpable = 0;
> ~~~~~~~~~~~~~~~~~~~~~~
>I _think_ that if I'm suser(), then current->dumpable should not be
>reset. After all, that program has now lost all its privileges and there are
>probably other ways to read its address space - so there may be
>nothing important in there.

This is for security reasons. It is bad for a suid program to dump core.
Somebody could find a bug in a suid program, run it from his directory and link
some file to ./core.

Bye.

--
Whereof one cannot speak, thereof one must be silent.
		-- Wittgenstein

--
    With best of best regards, Pawel S. Veselov (aka Black Angel)
       internet : vps@unicorn.niimm.spb.su ( mail,finger,talk )
                  fidonet : 2:5030/5.412
                schoolnet : 21:9000/412
                 Web page : http://www.niimm.spb.su/~vps/
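
The ./core link problem described in the reply above, shown as an added example that is not part of the original message or of the kernel source: a dump writer that follows a symlink at the target name truncates the linked file, while one opening with O_EXCL and O_NOFOLLOW refuses. The function names and the temporary directory layout are assumptions made for this illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical dump writer that follows a symlink at the target name. */
static int open_dump_naive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened writer: refuse any existing name and never follow a symlink. */
static int open_dump_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

static off_t size_of(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? st.st_size : -1;
}

/* Constructed scenario in a private temp dir: "core" is a symlink to "victim".
 * Returns 0 when the safe open refused and left victim intact, and the naive
 * open went through the link and truncated victim. */
int core_symlink_demo(void) {
    char dir[] = "/tmp/coredemoXXXXXX", victim[64], core[64];
    if (!mkdtemp(dir)) return 1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(core, sizeof core, "%s/core", dir);
    int fd = open(victim, O_WRONLY | O_CREAT, 0600);
    if (fd < 0 || write(fd, "important\n", 10) != 10) return 2;
    close(fd);
    if (symlink(victim, core) != 0) return 3;

    int rc = 0;
    fd = open_dump_safe(core);
    if (fd >= 0 || (errno != EEXIST && errno != ELOOP) || size_of(victim) != 10)
        rc = 4;                      /* safe open must fail, victim untouched */
    if (fd >= 0) close(fd);

    fd = open_dump_naive(core);
    if (rc == 0 && (fd < 0 || size_of(victim) != 0))
        rc = 5;                      /* naive open is expected to clobber victim */
    if (fd >= 0) close(fd);

    unlink(core); unlink(victim); rmdir(dir);
    return rc;
}

int main(void) { return core_symlink_demo(); }
```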