Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: None <>
From: Elad Efrat <>
List: tech-security
Date: 01/13/2006 16:57:23 wrote:

> My proposal would be to modify the sysctls to provide a default uid for
> setugid programs and maybe even a default path. With that it would be
> possible for root to limit the access to the coredump files even for
> normal programs running as root (think about a queue directory), but
> also use e.g. quotas to prevent local DOS. Therefore the setugid
> coredumping would be *relatively* save, even in a productive
> environment.

I like the idea of both default owner and default directory to save the
coredumps of sugid processes.


Elad Efrat