Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: Elad Efrat <elad@NetBSD.org>
From: Tim Rightnour <root@garbled.net>
List: tech-security
Date: 01/13/2006 08:53:14
On 13-Jan-2006 Elad Efrat wrote:
>> Who will be the owner of the setugid core dump?
> 
> Effective uid.

Can we also assume that the mode of the core will be 400?  It might also be
reasonable to force all setgid cores to be owned by root mode 400.  Only root
can twiddle the sysctl anyhow.

You mention in a later email having a configurable set of owners/location. 
Perhaps a reasonable default for the owner would be root.

---
Tim Rightnour <root@garbled.net>
NetBSD: Free multi-architecture OS http://www.netbsd.org/
Genecys: Open Source 3D MMORPG: http://www.genecys.org/