From: Jesus Cea Avion (jcea@argo.es)
Date: Tue Dec 10 2002 - 12:20:00 EST
Solaris 2.5.1 (kernel 103640-39).
a) Take a process.
b) The process "crash".
c) A "core dump" is saved to disk.
That's right.
Now, my problem is:
a) Take a process.
b) The process (running as "root") do a "SETUID" call to run as other
user.
c) The process "crash".
d) A "core dump" is NOT saved to disk.
I know that if UID!=EUID (user ID, Effective User ID), a "core dump"
would not be saved, as a security measure ("man core", first paragraph).
Nevertheless, in point C, UID==EUID (verified!). So, a Core Dump SHOULD
be saved.
Am I missing something?.
Proof code:
>>>>>
#include <stdio.h>
#include <unistd.h>
int main(void) {
setuid(60001); /* Change user */
printf("%d, %d\n", getuid(), geteuid()); /* Check UID==EUID */
*(int *)0 = 0; /* Core Dump! */
return;
}
<<<<<
Inside a directory with modes 777 (everybody can write to it), this code
doesn't not create a "core dump".
Help! :-(.
--
Jesus Cea Avion _/_/ _/_/_/ _/_/_/
jcea@argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/
_/_/ _/_/ _/_/_/_/_/
PGP Key Available at KeyServ _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:26 EDT