Date: Tue, 23 Apr 2002 19:53:53 -0700 (PDT) From: Mikko Tyolajarvi <mikko@dynas.se> To: blaz@si.FreeBSD.org Cc: security@freebsd.org Subject: Re: segfault in ftpd Message-ID: <200204240253.g3O2rrM33014@mikko.rsa.com> References: <20020423225805.Q93786-100000@titanic.medinet.si>
next in thread | previous in thread | raw e-mail | index | archive | help
In local.freebsd.security you write: >For some time now I see messages like this in the logs on our webserver: >pid 36861 (ftpd), uid 29987: exited on signal 11 >This is with the stock ftpd on 4.5-RELEASE-p3 (users use it to upload their >web pages to it). I compiled ftpd with -g and tried to set it up so that I get >a coredump. I configured: > mkdir /var/coredumps > chmod 1777 /var/coredumps > sysctl kern.corefile=/var/coredumps/%U.%N.%P.core >Now I can create a simple program that crashes and the core will be written to >/var/coredumps. But ftpd simply does not want to create a coredump. As far as >I can see, /etc/login.conf specifies coredumpsize=unlimited. Is there anything >else I need to configure or tune to be able to catch a coredump? Try: sysctl kern.sugid_coredump=1 If ftpd crashes after user login, then UID != EUID (which is what makes it such a security problem in the first place -- how often do you _really_ need to change user in the middle of an ftp session? It should just switch uid and be done with it, IMHO). $.02, /Mikko -- Mikko Työläjärvi_______________________________________mikko@rsasecurity.com RSA Security To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204240253.g3O2rrM33014>