Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: None <tech-kern@netbsd.org>
From: None <joerg@britannica.bec.de>
List: tech-kern
Date: 01/25/2006 22:41:57

On Wed, Jan 25, 2006 at 01:28:10PM -0500, Thor Lancelot Simon wrote:
> You could always change one line in the kernel and get this, if you wanted
> it.  The difference, before, was that on a system running at securelevel 1
> or higher, you would need access to the machine in single user mode to do
> so, which allowed tightly constraining the set of potential attackers.

How does a securelevel of >= 1 prevent a root process from using ptrace
on the very same process you would have a coredump from? With the
exception of init, this is allowed, so the same set of information can
already be obtained by a program with enough rights to change the
sysctl. Therefore it is not a security regression for any kernel with
ptrace support. Similar questions can be raised e.g. for procfs.

Joerg