Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 16 Nov 1999 13:03:39 -0500
From:      Greg Lehey <grog@mojave.sitaranetworks.com>
To:        Graham Wheeler <gram@cequrux.com>, hackers@FreeBSD.ORG
Subject:   Re: Missing core dumps
Message-ID:  <19991116130339.17641@mojave.sitaranetworks.com>
In-Reply-To: <9911161453040F.23105@cequrux.com>; from Graham Wheeler on Tue, Nov 16, 1999 at 02:45:26PM %2B0200
References:  <9911161453040F.23105@cequrux.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tuesday, 16 November 1999 at 14:45:26 +0200, Graham Wheeler wrote:
> Howdy all
>
> I have a program that occasionally catches a SEGV signal, but it doesn't dump
> core.  And I really could use that core file, as I can't replicate the problem
> under controlled conditions.
>
> The program is invoked from inetd. It is owned by user nobody and has group
> mail. When it starts up, it calls setuid and setgid to set the user and group
> to be nobody and mail respectively. It then chroots to a directory which is
> owned by bin and has group mail. This directory has owner and group read,
> write and execute permissions on. The program can create and destroy temporary
> files in this directory without any problem.
>
> It doesn't catch SEGV signals in its own handler, and it has no obvious file
> size limits.
>
> From my reading of Stevens APITUE, there are no reasons why the core file
> shouldn't be created. Am I missing something? (This is on 2.2.7 and 2.2.8
> systems, although I suspect the behaviour will be unchanged under 3.x)

For security reasons, you normally can't get a core dump of a setuid
program.  You could use it to break security.  To change this
behaviour, set the sysctl sugid.coredump:

  # sysctl -w sugid.coredump=1

BTW, this knob isn't mentioned in the man page.

Greg
--
Finger grog@lemis.com for PGP public key
See complete headers for address and phone numbers


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991116130339.17641>