Subject: Re: permission of kernel's core
To: Manuel BOUYER <bouyer@antioche.lip6.fr>
From: Chris G. Demetriou <cgd@pa.dec.com>
List: current-users
Date: 08/29/1997 09:59:42
> > In savecore_old.c (I'm an i386 user), core file is open(2)'d as
> > 0644 or zopen(3)'d. in addition, savecore.c uses umask(002).
> > 
> 
> Hum, there is a security issue here. If I have a means to make the system
> panic when logged as joe user, I can run passwd(1), make the system panic
> and then find parts of /etc/master.passwd in the kernel core. Bad.
> The defaults should be to create the core 0600. However, an option to
> savecore to override this would be nice (I find it terribly useful to be able
> to rsh machine dmesg -M /var/crash/netsbd.x.core without having to
> log in to the machine and su root ... I have machines where security is not
> so critical).

Not really.

/var/crash is supposed to have mode 770, user == group, root
== wheel, when created by a new install, and those are relatively sane
defaults.  If it doesn't have those perms in that situation, _that_ is
a problem.

The perms set by savecore are not a problem or bug, and if they're
changed they'll prohibit an admin from setting up a machine in a way
that may be perfectly acceptable in their environment.

Why add a special set of flags to savecore and increase code bloat
further, when there's already an adequate solution to "do the right
thing"?


cgd
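
The interaction discussed in this thread, a 0644 dump file inside a mode 770 directory, can be checked with a short audit. This is an added example, not part of the original message or of savecore; the temporary directory and the file name `netbsd.0.core` are constructed stand-ins for /var/crash and its contents, and only mode bits are considered (no ACLs, no directories above the one audited).

```python
import os
import stat
import tempfile


def audit_crash_dir(crash_dir):
    """Report which regular files in crash_dir the 'other' class can read.

    Judged from mode bits alone: opening a file needs search (x)
    permission on the directory and read (r) permission on the file.
    """
    dir_mode = stat.S_IMODE(os.stat(crash_dir).st_mode)
    others_can_enter = bool(dir_mode & stat.S_IXOTH)
    exposed = []
    for name in sorted(os.listdir(crash_dir)):
        st = os.lstat(os.path.join(crash_dir, name))
        if not stat.S_ISREG(st.st_mode):
            continue  # skip subdirectories, symlinks, etc.
        if others_can_enter and st.st_mode & stat.S_IROTH:
            exposed.append(name)
    return {
        "dir_mode": oct(dir_mode),
        "others_can_enter": others_can_enter,
        "exposed": exposed,
    }


def make_sample(dir_mode):
    """Constructed stand-in for /var/crash holding one 0644 dump file."""
    d = tempfile.mkdtemp(prefix="crash-")
    core = os.path.join(d, "netbsd.0.core")  # constructed file name
    with open(core, "wb") as f:
        f.write(b"constructed sample, not a real dump\n")
    os.chmod(core, 0o644)  # file mode discussed in the thread
    os.chmod(d, dir_mode)  # chmod is not affected by the umask
    return d


if __name__ == "__main__":
    # 0770: directory blocks 'other', so the 0644 file is not reachable.
    # 0755: directory is searchable by 'other', so the same file is exposed.
    for mode in (0o770, 0o755):
        print(audit_crash_dir(make_sample(mode)))
```

With the directory at 770 the group can still read the 0644 file, so group membership on the directory decides who sees dump contents.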