On 23/02/2010 21:24, Theo de Raadt whispered from the shadows...: >> On 23/02/2010 21:09, Theo de Raadt whispered from the shadows...: >>>> On 23/02/2010 18:28, Theo de Raadt whispered from the shadows...: >>>>>> 3. The program does not use file system setuid bits, BUT does use the >>>>>>> setuid() et al. system calls to drop privileges from root to some other >>>> >>>>> In OpenBSD -- if you change uids, you don't get core dumps. >>>> >>>> Which I find a very strange choice, >>> >>> I gues it's good that we get to make the choices. In all the other >>> projects, such choices would not even be thought of. >> >> It is a choice that is hard on application developers when it comes to >> debugging problems. Linux has per process PR_SET_DUMPABLE flag; FreeBSD >> has (last I looked) a kern.sugid_coredump similar to OpenBSD >> kern.nosuidcoredump. > > It is a choice that is hard on people trying to find password or keying > information inside priv-sep daemons.
Yes. I understand, now that it has been declared. A paragraph about this in man core(5) would help as a future reminder. -- Anthony C Howe Skype: SirWumpus SnertSoft +33 6 11 89 73 78 Twitter: SirWumpus BarricadeMX & Milters http://snert.com/ http://nanozen.info/ http://snertsoft.com/