On 06/22/2012 02:24 PM, Kees Cook wrote: > When the suid_dumpable sysctl is set to "2", and there is no core > dump pipe defined in the core_pattern sysctl, a local user can cause > core files to be written to root-writable directories, potentially with > user-controlled content. This means an admin can unknowningly reintroduce > a variation of CVE-2006-2451. ... > --- a/Documentation/sysctl/fs.txt > +++ b/Documentation/sysctl/fs.txt > @@ -167,12 +167,12 @@ or otherwise protected/tainted binaries. The modes are > 1 - (debug) - all processes dump core when possible. The core dump is > owned by the current user and no security is applied. This is > intended for system debugging situations only. Ptrace is unchecked. > -2 - (suidsafe) - any binary which normally would not be dumped is dumped > - readable by root only. This allows the end user to remove > - such a dump but not access it directly. For security reasons > - core dumps in this mode will not overwrite one another or > - other files. This mode is appropriate when administrators are > - attempting to debug problems in a normal environment. > +2 - (suidsafe) - no longer allowed (returns -EINVAL). Random comment: a reference to the CVE might be good here. Rob -- GNU/Linux isn't: Linux=GPLv2, GNU=GPLv3+, they can't share code. Either it's "mere aggregation", or a license violation. Pick one. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
