Date:      Mon, 4 Jun 2018 12:26:06 +0700
From:      Eugene Grosbein <eugen@grosbein.net>
To:        Cy Schubert <Cy.Schubert@cschubert.com>
Cc:        rgrimes@freebsd.org, Warner Losh <imp@bsdimp.com>, Eitan Adler <eadler@freebsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r334543 - head/usr.bin/top
Message-ID:  <5B14CD6E.9020003@grosbein.net>
In-Reply-To: <201806040507.w5457q5v007218@slippy.cwsent.com>

04.06.2018 12:07, Cy Schubert wrote:

> In message <5B14C64B.2070602@grosbein.net>, Eugene Grosbein writes:

>>>>>> Bad side effect of doing that is it is not hard to get a "core"
>>>>>> from top when run as a user, as it is going to try to write
>>>>>> to /, and it probably does not have permission for that.
>>
>> We already have global sysctl kern.corefile that can be changed to /var/tmp/%N.core
>>
>> Perhaps, a kernel could take a look at process environment for something like
>> KERN_COREFILE variable for an override of that sysctl?
> 
> Only if the file doesn't exist and the lowest level directory is 
> writable by UID. Even then if any directory within the path is not 
> searchable by UID it should be disallowed. Otherwise it would be a CVE.

AFAIK all security checks are in place already for sysctl kern.corefile having default value
relative to current working directory of the process (user).
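
The three conditions listed in the quoted reply (the file does not exist, the lowest-level directory is writable by the UID, every directory on the path is searchable by the UID) can be written as a userland check. This is an added example, not part of the e-mail thread and not FreeBSD kernel code; the function name `corefile_override_allowed` and its plain mode-bit model (unprivileged UID, no ACLs or MAC) are assumptions made for illustration.

```python
import os
import stat


def _may(st, uid, gids, owner_bit, group_bit, other_bit):
    """Classic UNIX mode-bit decision for an unprivileged uid (assumed model)."""
    if st.st_uid == uid:
        return bool(st.st_mode & owner_bit)
    if st.st_gid in gids:
        return bool(st.st_mode & group_bit)
    return bool(st.st_mode & other_bit)


def corefile_override_allowed(path, uid, gids):
    """Return (allowed, reason) for a requested core file path (hypothetical helper)."""
    if not os.path.isabs(path):
        return False, "path must be absolute"
    # Resolve symlinks in the directory part so the real directories are checked.
    parent = os.path.realpath(os.path.dirname(path))
    target = os.path.join(parent, os.path.basename(path))
    current = os.sep
    # Walk from / down to the lowest-level directory; each must be searchable.
    for part in [""] + [p for p in parent.split(os.sep) if p]:
        current = os.path.join(current, part)
        try:
            st = os.stat(current)
        except OSError as exc:
            return False, f"cannot stat {current}: {exc.strerror}"
        if not stat.S_ISDIR(st.st_mode):
            return False, f"{current} is not a directory"
        if not _may(st, uid, gids, stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH):
            return False, f"{current} is not searchable by uid {uid}"
    # 'st' now describes the lowest-level directory; it must be writable.
    if not _may(st, uid, gids, stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH):
        return False, f"{parent} is not writable by uid {uid}"
    # lstat, not stat: a dangling symlink also counts as "file exists".
    try:
        os.lstat(target)
    except FileNotFoundError:
        return True, "ok"
    except OSError as exc:
        return False, f"cannot lstat {target}: {exc.strerror}"
    return False, f"{target} already exists"
```

A pre-check like this is inherently racy, so it only illustrates the conditions; enforcement has to happen as part of the open that creates the file.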




