Re: Weird kernel 2.6.17.[67] behaviour

To: "Sébastien Bernard" <seb@frankengul.org>
Cc: debian-sparc@lists.debian.org, linux-kernel@vger.kernel.org
Subject: Re: Weird kernel 2.6.17.[67] behaviour
From: "Adam Henley" <adamazing@gmail.com>
Date: Thu, 27 Jul 2006 00:41:56 +0100
Message-id: <[🔎] c526a04b0607261641n7f09242h86025282153e4c91@mail.gmail.com>
In-reply-to: <[🔎] 44C7F794.3080304@frankengul.org>
References: <[🔎] 20060726135526.GA11310@frankengul.org> <[🔎] 44C7F794.3080304@frankengul.org>

On 27/07/06, Sébastien Bernard <seb@frankengul.org> wrote:

seb@frankengul.org a écrit :
> I got a perfectly workable kernel 2.6.17.1 using mkinitramfs on my U60.
>
> Can you shed some lights on this dark corner of linux ?
>
>       Seb


I can't shed any more light on it, but I can look too :o)

The original mailing of the patch to the list is below:
http://www.uwsg.iu.edu/hypermail/linux/kernel/0607.1/1694.html

[snip>
The prctl() system call should never allow to set "dumpable" to the
value 2. Especially not for non-privileged users.

This can be split into three cases:
 1) running as root -- then core dumps will already be done as root,
    and so prctl(PR_SET_DUMPABLE, 2) is not useful
 2) running as non-root w/setuid-to-root -- this is the debatable case
 3) running as non-root w/setuid-to-non-root -- then you definitely
    do NOT want "dumpable" to get set to 2 because you have the
    privilege escalation vulnerability
<snip]

Is it that something else is misbehaving and trying to dump core as root?

Reply to:

Follow-Ups:
- Re: Weird kernel 2.6.17.[67] behaviour
  - From: seb@frankengul.org

References:
- Weird kernel 2.6.17.[67] behaviour
  - From: seb@frankengul.org
- Re: Weird kernel 2.6.17.[67] behaviour
  - From: Sébastien Bernard <seb@frankengul.org>

Prev by Date: Re: Weird kernel 2.6.17.[67] behaviour
Next by Date: Re: Weird kernel 2.6.17.[67] behaviour
Previous by thread: Re: Weird kernel 2.6.17.[67] behaviour
Next by thread: Re: Weird kernel 2.6.17.[67] behaviour
Index(es):
- Date
- Thread