tech-kern: Re: sysctl knob to let sugid processes dump core (pr 15994)

Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: None <tls@rek.tjls.com>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 01/25/2006 20:30:40

Thor Lancelot Simon wrote:

> Not from my point of view.  From my point of view, we're adding the ability
> for an attacker to harvest sensitive information in a way in which he could
> not harvest it before -- and we're making it possible to turn that on
> without access to the machine's console.

how do you want the securelevel to affect the knob? default disable and
can only be modified in securelevel > 0?

-e.

-- 
Elad Efrat