From owner-freebsd-hackers Tue Feb 18 19:01:19 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id TAA24646 for hackers-outgoing; Tue, 18 Feb 1997 19:01:19 -0800 (PST) Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA24635 for ; Tue, 18 Feb 1997 19:01:07 -0800 (PST) Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id OAA01294; Wed, 19 Feb 1997 14:05:02 +1100 (EST) Date: Wed, 19 Feb 1997 14:05:00 +1100 (EST) From: "Daniel O'Callaghan" To: freebsd-hackers@freebsd.org cc: gnat@frii.com Subject: Core dumps in suid processes (again) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk This was on BUGTRAQ. Given that from recent discussions FreeBSD only knows its current e/r uids, rather than that is has been suid, I'm not sure of the correct answer to the question below. Can someone please fill in the blanks. Danny ---------- Forwarded message ---------- Date: Tue, 18 Feb 1997 19:31:08 -0700 (MST) From: gnat@frii.com To: Daniel O'Callaghan Subject: Re: FreeBSD,rlogin and coredumps. gnat@frii.com writes: [ WTTEO: I can read encrypted password file entries after killing my screen session on FreeBSD 2.1.5 ] Daniel O'Callaghan writes: > Upgrade to 2.1.6 (preferably, wait a few days for 2.1.7) In OS versions > 2.1.6 and greater suid programs will not dump core. Will that work with screen, where the program is setuid root but runs (and is kill -11 able) as me? I guess I mean, does the has-been-setuid flag keep its state even when euid==ruid? Nat