Date: Sun, 20 Oct 1996 08:40:24 +0200 From: Poul-Henning Kamp <phk@critter.tfs.com> To: mycroft@mit.edu (Charles M. Hannum) Cc: tech-userlevel@NetBSD.ORG, freebsd-hackers@freefall.FreeBSD.org Subject: Re: setuid, core dumps, ftpd, and DB Message-ID: <22293.845793624@critter.tfs.com> In-Reply-To: Your message of "19 Oct 1996 23:27:17 EDT." <el2zq1i5n8o.fsf@zygorthian-space-raiders.MIT.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
Charles,
It was pointed out by me already 8 years ago:
"[...] core-dumps as default is an evil thing. There should be
some way to >enable< core-dumps when you want them, rather than
have them as default. This would also solve security issue
where a core-dump may contain sensitive information. [...]"
What we need is really a new syscall:
procctl(pid, function, arg)
with the following functions:
PROCCTL_NOCORE
disable core-dumping (arg not used)
PROCCTL_CORE
enable core-dumping (arg not used)
PROCCTL_NEVERCORE
disables core-dumping, and it cannot be reenabled
until after next exec (arg not used)
PROCCTL_CORENAME
(arg is pathname to use for corefile)
--
Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox.
whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22293.845793624>