Subject: Re: SUGID bit in coredump()
To: Curt Sampson <curt@portal.ca>
From: matthew green <mrg@eterna.com.au>
List: tech-kern
Date: 10/19/1996 08:47:10

> mrg
> Fri Oct 18 01:39:35 PDT 1996
> Update of /cvsroot/src/sys/kern
> In directory netbsd1:/var/slash-tmp/cvs-serv25445
>
> Modified Files:
> kern_sig.c
> Log Message:
> in coredump(), check the SUGID bit rather than testing various parts
> of the cred structures. this prevents a previously set[gu]id process
> from generating a core file.

Does this also catch the situation where a process (say, ftpd)
starts as root, and then does a setuid/setgid to become a certain
user? If so, that solves the ftpd problem recently posted on BoS,
where you could convince ftpd to core dump and it would leave chunks
of /etc/master.passwd behind in the core file. In fact, it solves
that general class of problem.

that's the whole point of the SUGID bit -- it is set once at
process creation. the ftpd case you cite is in fact what my
second sentence refers to. :-)
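
The difference between the two checks discussed in this thread, as an added C model that is not part of the original messages or of the NetBSD source. The struct, the helper names, the flag value, the uid and the shape of the old credential comparison are assumptions, as is setting the flag inside the modelled setuid() call.

```c
#include <stdbool.h>
#include <stdio.h>

#define P_SUGID 0x1u /* constructed value; models the flag named in the thread */

/* Simplified userspace model, not the kernel's struct proc or cred structures. */
struct model_proc {
    unsigned ruid, euid, svuid; /* real, effective and saved uid */
    unsigned flags;
};

/* Assumed shape of the old check: compare credential fields at dump time. */
static bool may_dump_by_creds(const struct model_proc *p)
{
    return p->ruid == p->euid && p->euid == p->svuid;
}

/* New check: refuse if the process has ever been marked set[gu]id. */
static bool may_dump_by_flag(const struct model_proc *p)
{
    return (p->flags & P_SUGID) == 0;
}

/* Assumption: a privileged setuid() rewrites every uid and leaves the flag set. */
static void model_setuid(struct model_proc *p, unsigned uid)
{
    p->ruid = p->euid = p->svuid = uid;
    p->flags |= P_SUGID;
}

/* ftpd-like daemon: starts as root, may hold secrets in memory, then drops. */
static struct model_proc ftpd_after_login(void)
{
    struct model_proc p = { 0, 0, 0, 0 };
    model_setuid(&p, 1000); /* constructed uid */
    return p;
}

int main(void)
{
    struct model_proc d = ftpd_after_login();
    /* After the drop all uids match, so only the flag remembers the history. */
    printf("cred comparison allows dump: %d\n", may_dump_by_creds(&d));
    printf("SUGID flag allows dump:      %d\n", may_dump_by_flag(&d));
    return 0;
}
```
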