[prev in list] [next in list] [prev in thread] [next in thread]
List: bird-users
Subject: Re: [PATCH] Set PR_SET_DUMPABLE before switching uid to allow core dumps.
From: Ondrej Zajicek <santiago () crfreenet ! org>
Date: 2023-01-22 20:32:07
Message-ID: Y82dR9qP2rSfBft4 () feanor
[Download RAW message or body]
On Fri, Jan 13, 2023 at 03:21:36PM +0100, Thomas Liske wrote:
> Signed-off-by: Thomas Liske <liske@ibh.de>
> ---
>
> This patch sets the PR_SET_DUMPABLE capability before switching
> to a unprivileged user to allow core dumps (see also the paragraph
> about set-user-ID in `man 5 core`)
>
> Background: While debugging bird on Alpine we wonder why it was
> not possible to get a core dump when bird runs under a unprivileged
> user.
Hi
Sorry for later reply. Did not know about this issue with core dumps. It
is interesting nobody noticed that before. I am not really sure why using
setresuid() has the same core dump restriction as set-user-ID programs,
considering it changes both real and effective UID.
Using prctl(PR_SET_DUMPABLE) has some strange side-effects in changing
ownership of /proc/<pid>/* fields. Not really sure what are implications
of that.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic