On Thu, 21 Jun 2012 12:43:19 -0700 Kees Cook <keescook@xxxxxxxxxxxx> wrote: > When the suid_dumpable sysctl is set to "2", and there is no > core dump pipe defined in the core_pattern sysctl, a local user > can cause core files to be written to root-writable directories, > potentially with user-controlled content. This means an admin > can unknowningly reintroduce a variation of CVE-2006-2451 (see > abf75a5033d4da7b8a7e92321d74021d1fcfb502). Its intended to work the way it does. It's also ABI. I think pipe-only is a really good idea. Likewise I accept with the pipe feature nowdays there is a good case to kill off case 2. However I don't think magically turning one into the other is sensible, in fact its *stupid* IMHO because it's asking systems to get unexpected behaviour. I would much rather see case 2 either left as is, or set to return -EINVAL (or similar) and a new case 3 for pipe only. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
