I traced this down and found the problem. The patch below will make root
coredumps work again as root. I checked to make sure that it handles
setuid cases correctly, and it seems to be fine. All of the sys_set*
functions in kernel/sys.c do the current->dumpable clearing by themselves.
*WARNING* I may be mucking some security checking up here. I'm not sure
what exactly cap_permitted is for, but Alan said it had nothing to do with
coredumps so I'm assuming somebody was confused when adding it.
This would be a two-liner patch, but it changes some spaces into tabs.
< cut here >
--- linux.orig/fs/exec.c Sun Oct 18 16:33:14 1998
+++ linux/fs/exec.c Sun Oct 18 23:41:42 1998
@@ -715,13 +715,12 @@
bprm->cap_effective.cap;
}
- /* AUD: Audit candidate if current->cap_effective is set */
+ /* AUD: Audit candidate if current->cap_effective is set */
- current->suid = current->euid = current->fsuid = bprm->e_uid;
- current->sgid = current->egid = current->fsgid = bprm->e_gid;
- if (current->euid != current->uid || current->egid != current->gid ||
- !cap_isclear(current->cap_permitted))
- current->dumpable = 0;
+ current->suid = current->euid = current->fsuid = bprm->e_uid;
+ current->sgid = current->egid = current->fsgid = bprm->e_gid;
+ if (current->euid != current->uid || current->egid != current->gid)
+ current->dumpable = 0;
}
< cut here >
Simon-
| Simon Kirby | Systems Administration |
| mailto:sim@netnation.com | NetNation Communications |
| http://www.netnation.com/ | Tech: (604) 684-6892 |
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/