Date: Sun, 20 Oct 1996 10:01:24 +0200 From: Poul-Henning Kamp <phk@critter.tfs.com> To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Cc: tech-userlevel@NetBSD.ORG, freebsd-hackers@freefall.freebsd.org Subject: Re: setuid, core dumps, ftpd, and DB Message-ID: <22930.845798484@critter.tfs.com> In-Reply-To: Your message of "Sun, 20 Oct 1996 09:41:39 %2B0200." <199610200741.JAA27953@uriah.heep.sax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199610200741.JAA27953@uriah.heep.sax.de>, J Wunsch writes: >As Poul-Henning Kamp wrote: > >> It was pointed out by me already 8 years ago: >> >> "[...] core-dumps as default is an evil thing. There should be >> some way to >enable< core-dumps when you want them, rather than >> have them as default. This would also solve security issue >> where a core-dump may contain sensitive information. [...]" >> >> What we need is really a new syscall: >> >> procctl(pid, function, arg) > >The only problem with this is that programs tend to dump core without >asking the developer first. ;-) That's the nature of bugs, the >programmer often does not anticipate them. Thus, they are sometimes a >good means for a post-mortem analysis. I suppose most people would have the system-wide default be "core-dumps on" -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Future will arrive by its own means, progress not so.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22930.845798484>