[issue950] Coredumping design error

Matthew Dillon dillon at apollo.backplane.com
Fri Feb 22 10:49:59 PST 2008


     Ok, I've committed the basic ownership check to the coredump code for
     this release.  I did verify that sgid dumps still work (when enabled
     via the sysctl).

     I have not committed the group/other permissions check, at least not
     yet.  It seems a little excessive considering the access needed to
     exploit such a hole is of far greater consequence then any desire to
     use it to exploit the core dump path would be.

						-Matt






More information about the Bugs mailing list