Date: Tue, 20 Sep 2011 16:08:17 -0400 From: Mike Tancsa <mike@sentex.net> To: Gary Palmer <gpalmer@freebsd.org> Cc: Corey Smith <corsmith@gmail.com>, freebsd-security@freebsd.org Subject: Re: pam_ssh_agent_auth coredump on AMD64 (was Re: PAM modules) Message-ID: <4E78F2B1.90302@sentex.net> In-Reply-To: <20110920192100.GF10165@in-addr.com> References: <CAHQQXOObKpCU9syvv0tYfets9%2BsMKjYU0ONeQ23KGkOOnxJOaA@mail.gmail.com> <4E778357.1030206@sentex.net> <4E78E5DC.6050600@sentex.net> <20110920192100.GF10165@in-addr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/20/2011 3:21 PM, Gary Palmer wrote:
>
> If you do
>
> sysctl kern.sugid_coredump=1
>
> can you get a coredump?
Tried that too.
% sysctl -a | grep core
kern.corefile: %N.core
kern.nodump_coredump: 0
kern.coredump: 1
kern.sugid_coredump: 1
debug.elf64_legacy_coredump: 1
debug.elf32_legacy_coredump: 1
Actually, my mistake on i386. It seems the plugin works with
sudo-1.8.1_5
but not 1.8.2
Seems to die in the function policy_check in sudo.c
return plugin->u.policy->check_policy(argc, argv, env_add, command_info,
argv_out, user_env_out);
}
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E78F2B1.90302>