On Feb 27, Bill Sommerfeld wrote
> Core dumps are currently mode 0600.
> 
> Crash dumps (which even more likely to contain material some would
> consider confidential) should be, too; however, savecore always
> created them as mode 0644.
> 
> I just changed savecore to create dumps as mode 0600, not mode 0644.
> You can always make them more readable by following savecore with a
> chmod in /etc/rc ..
> 

This is a different problem: core dumps can be everywhere, crash dumps
are only in /var/crash. Just set the rigth perms on /var/crash and you're
done.
An admin could just chgrp/chmod /var/crash to let people read or not read
crash dumps, now it has to hack /etc/rc; for no increase in security.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--