From owner-freebsd-security  Tue Oct 15 13:36:19 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id NAA06724
          for security-outgoing; Tue, 15 Oct 1996 13:36:19 -0700 (PDT)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA06716
          for <freebsd-security@freebsd.org>; Tue, 15 Oct 1996 13:36:14 -0700 (PDT)
Received: (from bde@localhost) by godzilla.zeta.org.au (8.7.6/8.6.9) id GAA21721; Wed, 16 Oct 1996 06:35:12 +1000
Date: Wed, 16 Oct 1996 06:35:12 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199610152035.GAA21721@godzilla.zeta.org.au>
To: freebsd-security@freebsd.org, roberto@keltia.freenix.fr
Subject: Re: bin/1805: Bug in ftpd
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>> This was probably fixed in March in -current but not in -stable.
>> Setuid processes cannot dump core in -current.  This makes them harder
>> to debug of course.
>
>What did I miss ? wu-ftpd is not setuid... It is launched as root by inetd
>so the setuid-program-don't-core is not applicable.

It must have done a setuid(user) to become the user.  This sets the
P_SUGID flag, which is what prevents dumping core and ptrace/procfs
attach .  It doesn't matter whether the P_SUGID flag was set at exec
time or later.

Bruce