cannot get core dump of crashing freeradius
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Mon Apr 19 16:43:55 CEST 2010
Hi,
> Maybe the info about /proc/sys/fs/suid_dumpable should be added to
> doc/bugs...
To quote the man page:

/proc/sys/fs/suid_dumpable (since Linux 2.6.13)
    The value in this file determines whether core dump files are
    produced for set-user-ID or otherwise protected/tainted binaries.
    Three different integer values can be specified:

    0 (default) This provides the traditional (pre-Linux 2.6.13)
    behavior. A core dump will not be produced for a process which
    has changed credentials (by calling seteuid(2), setgid(2), or
    similar, or by executing a set-user-ID or set-group-ID program)
    or whose binary does not have read permission enabled.

    1 ("debug") All processes dump core when possible. The core
    dump is owned by the file system user ID of the dumping process
    and no security is applied. This is intended for system debugging
    situations only. Ptrace is unchecked.

    2 ("suidsafe") Any binary which normally would not be dumped
    (see "0" above) is dumped readable by root only. This allows
    the user to remove the core dump file but not to read it. For
    security reasons core dumps in this mode will not overwrite one
    another or other files. This mode is appropriate when administrators
    are attempting to debug problems in a normal environment.

I don't think this got enough coverage in most information outlets... in fact
2.6.13 has been around for a while, but today was the first time I learnt of
that behaviour.

Maybe the FreeRADIUS code could be updated to detect this value... and if it's set to 0
then it could mention it in the debug output? ;-)

alan
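
The start-up check suggested in the message above, as an added example (not part of the original post and not FreeRADIUS code). The function names and the assumption that the daemon starts as root and then drops privileges are hypothetical; the verdicts follow the man page text quoted above, plus the RLIMIT_CORE limit.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>

/* Hypothetical names for illustration; not FreeRADIUS identifiers. */
enum core_verdict { CORE_OK, CORE_ROOT_ONLY, CORE_BLOCKED_SUID,
                    CORE_BLOCKED_RLIMIT, CORE_UNKNOWN };

/* Parse the text of /proc/sys/fs/suid_dumpable: returns 0, 1, 2, or -1 if malformed. */
int parse_suid_dumpable(const char *text)
{
    char *end;
    errno = 0;
    long v = strtol(text, &end, 10);
    if (errno || end == text || (*end != '\0' && *end != '\n') || v < 0 || v > 2)
        return -1;
    return (int)v;
}

/* Predict whether a crash leaves a core file. changed_creds is non-zero for a
 * process that called seteuid()/setgid() or similar, as a privilege-dropping daemon does. */
enum core_verdict predict_core(int suid_dumpable, int changed_creds,
                               unsigned long long core_limit)
{
    if (core_limit == 0) return CORE_BLOCKED_RLIMIT; /* RLIMIT_CORE of 0 disables dumps */
    if (!changed_creds) return CORE_OK;              /* ordinary process: setting not consulted */
    switch (suid_dumpable) {
    case 0:  return CORE_BLOCKED_SUID;               /* traditional behaviour: no dump */
    case 1:  return CORE_OK;                         /* "debug": dumped, no protection */
    case 2:  return CORE_ROOT_ONLY;                  /* "suidsafe": readable by root only */
    default: return CORE_UNKNOWN;
    }
}

int main(void)
{
    static const char *msg[] = { "core dump expected", "core dump readable by root only",
        "no core dump: suid_dumpable is 0", "no core dump: RLIMIT_CORE is 0",
        "unrecognised suid_dumpable value" };
    char buf[16] = "";
    struct rlimit rl;
    FILE *fp = fopen("/proc/sys/fs/suid_dumpable", "r");
    if (!fp || !fgets(buf, sizeof(buf), fp)) { perror("suid_dumpable"); return 1; }
    fclose(fp);
    if (getrlimit(RLIMIT_CORE, &rl) != 0) { perror("getrlimit"); return 1; }
    /* Assumption: the server started as root and switched to an unprivileged user. */
    puts(msg[predict_core(parse_suid_dumpable(buf), 1, (unsigned long long)rl.rlim_cur)]);
    return 0;
}
```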