I think I will try your patch since I have also had the same need
several times. In fact, not dumping a setuid core seems logical
for shared systems with lots of users, but on secured servers
which only host one daemon or two, and on which there's not any
user account, it's a bit annoying. In this case, if anyone gets
in the system, he's root anyway, so the initial protection
doesn't apply.
BTW, what uid/gid will the core get ? I think that it should get
the highest level so that if someone breaks in through a service
which uses this feature and which has dropped its uid/gid, at
least he cannot read eventual cores from previous attempts.
Comments ?
Willy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/