From owner-freebsd-hackers Sat Oct 19 23:41:35 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA11066 for hackers-outgoing; Sat, 19 Oct 1996 23:41:35 -0700 (PDT) Received: from critter.tfs.com (disn1.cybercity.dk [194.16.57.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA11061; Sat, 19 Oct 1996 23:41:26 -0700 (PDT) Received: from critter.tfs.com (localhost.tfs.com [127.0.0.1]) by critter.tfs.com (8.7.5/8.7.3) with ESMTP id IAA22295; Sun, 20 Oct 1996 08:40:24 +0200 (MET DST) To: mycroft@mit.edu (Charles M. Hannum) cc: tech-userlevel@NetBSD.ORG, freebsd-hackers@freefall.FreeBSD.org Subject: Re: setuid, core dumps, ftpd, and DB In-reply-to: Your message of "19 Oct 1996 23:27:17 EDT." Date: Sun, 20 Oct 1996 08:40:24 +0200 Message-ID: <22293.845793624@critter.tfs.com> From: Poul-Henning Kamp Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Charles, It was pointed out by me already 8 years ago: "[...] core-dumps as default is an evil thing. There should be some way to >enable< core-dumps when you want them, rather than have them as default. This would also solve security issue where a core-dump may contain sensitive information. [...]" What we need is really a new syscall: procctl(pid, function, arg) with the following functions: PROCCTL_NOCORE disable core-dumping (arg not used) PROCCTL_CORE enable core-dumping (arg not used) PROCCTL_NEVERCORE disables core-dumping, and it cannot be reenabled until after next exec (arg not used) PROCCTL_CORENAME (arg is pathname to use for corefile) -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Future will arrive by its own means, progress not so.