1. 12 Nov, 2007 1 commit
    • Roland McGrath's avatar
      core dump: remain dumpable · 00ec99da
      Roland McGrath authored
      The coredump code always calls set_dumpable(0) when it starts (even
      if RLIMIT_CORE prevents any core from being dumped).  The effect of
      this (via task_dumpable) is to make /proc/pid/* files owned by root
      instead of the user, so the user can no longer examine his own
      process--in a case where there was never any privileged data to
      protect.  This affects e.g. auxv, environ, fd; in Fedora (execshield)
      kernels, also maps.  In practice, you can only notice this when a
      debugger has requested PTRACE_EVENT_EXIT tracing.
      
      set_dumpable was only used in do_coredump for synchronization and not
      intended for any security purpose.  (It doesn't secure anything that wasn't
      already unsecured when a process dies by SIGTERM instead of SIGQUIT.)
      
      This changes do_coredump to check the core_waiters count as the means of
      synchronization, which is sufficient.  Now we leave the "dumpable" bits alone.
      Signed-off-by: default avatarRoland McGrath <roland@redhat.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      00ec99da
  2. 10 Nov, 2007 39 commits