aboutsummaryrefslogtreecommitdiff
path: root/ipc/util.c
diff options
context:
space:
mode:
authorRoland McGrath <roland@redhat.com>2007-11-11 19:13:43 -0800
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-11-12 10:32:29 -0800
commit00ec99da43a7c2aed46c6595aa271b84bb1b1462 (patch)
tree88eec24facdcba422db6a13206d4586daef9e1ad /ipc/util.c
parent6e800af233e0bdf108efb7bd23c11ea6fa34cdeb (diff)
core dump: remain dumpable
The coredump code always calls set_dumpable(0) when it starts (even if RLIMIT_CORE prevents any core from being dumped). The effect of this (via task_dumpable) is to make /proc/pid/* files owned by root instead of the user, so the user can no longer examine his own process--in a case where there was never any privileged data to protect. This affects e.g. auxv, environ, fd; in Fedora (execshield) kernels, also maps. In practice, you can only notice this when a debugger has requested PTRACE_EVENT_EXIT tracing. set_dumpable was only used in do_coredump for synchronization and not intended for any security purpose. (It doesn't secure anything that wasn't already unsecured when a process dies by SIGTERM instead of SIGQUIT.) This changes do_coredump to check the core_waiters count as the means of synchronization, which is sufficient. Now we leave the "dumpable" bits alone. Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'ipc/util.c')
0 files changed, 0 insertions, 0 deletions