From owner-freebsd-security Tue Feb 18 20:12:20 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id UAA29864 for security-outgoing; Tue, 18 Feb 1997 20:12:20 -0800 (PST) Received: from mail.calweb.com (mail.calweb.com [208.131.56.11]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA29844 for ; Tue, 18 Feb 1997 20:12:09 -0800 (PST) Received: from hell.gigo.com (hell.gigo.com [207.173.133.59]) by mail.calweb.com (8.8.5/8.8.5) with SMTP id UAA22157 for ; Tue, 18 Feb 1997 20:11:23 -0800 (PST) Message-Id: <3.0.1.32.19970218200814.006e5118@pop.calweb.com> X-Sender: jfesler@pop.calweb.com X-Mailer: Windows Eudora Pro Version 3.0.1 (32) Date: Tue, 18 Feb 1997 20:08:14 -0800 To: security@freebsd.org From: Jason Fesler Subject: Coredumps and setuids .. interesting.. Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I found this to be rather interesting.. I didn't realize that linux and solaris refused to core dump setuid programs. This could be a rather good thing should it find it's way into *bsd.. >Date: Tue, 18 Feb 1997 19:59:37 -0500 >Reply-To: Simon Karpen >From: Simon Karpen >Subject: Re: FreeBSD,rlogin and coredumps. >To: BUGTRAQ@NETSPACE.ORG > >The problem is not in screen; it's in the operating system. >Linux is truly not vulnerable as it does not allow >coredumps of setuid root programs. > >The BSDs (at least FreeBSD) appear to still do this for some >inane reason. Even SunOS 4.x doesn't coredump setuid progs, and >I wouldn't exactly call it secure. > >On Tue, 18 Feb 1997, Nathan Torkington wrote: >> It's possible to send a signal 11 to the latest version of screen >> (3.7.2) and make it coredump with the master.passwd file in memory. >> I'm using FreeBSD 2.1.5-RELEASE. > >Simon Karpen >karpes@rpi.edu, slk@acm.rpi.edu, slk@karpes.stu.rpi.edu >"Down, not Across" > >