diff options
author | Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> | 2017-09-04 13:13:24 +0100 |
---|---|---|
committer | Hans Dedecker <dedeckeh@gmail.com> | 2017-09-12 22:18:45 +0200 |
commit | 7765e442d04e4c19690f81084a9726776aea8b76 (patch) | |
tree | b41eddef3758dff09cb82f5406dccbce910e588c /target/linux/ramips | |
parent | 53839da46e6fb21e68b3878b4a2187c7d32d688e (diff) | |
download | upstream-7765e442d04e4c19690f81084a9726776aea8b76.tar.gz upstream-7765e442d04e4c19690f81084a9726776aea8b76.tar.bz2 upstream-7765e442d04e4c19690f81084a9726776aea8b76.zip |
basefiles: allow suid coredumps
Set sysctl fs.suid_dumpable = 2
This allows suid processes to dump core according to kernel.core_pattern
setting. LEDE typically uses suid to drop root priviledge rather than
gain it but without this setting any suid process would be unable to
produce coredumps (e.g. dnsmasq)
Processes still need to set a non zero core file process limit ('ulimit
-c unlimited' or if procd used 'procd_set_param limits
core="unlimited"') in order to produce a core. This setting removes an
obscure stumbling block along the way.
>From https://www.kernel.org/doc/Documentation/sysctl/fs.txt
suid_dumpable:
This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are
0 - (default) - traditional behaviour. Any process which has changed
privilege levels or is execute only will not be dumped.
1 - (debug) - all processes dump core when possible. The core dump is
owned by the current user and no security is applied. This is
intended for system debugging situations only. Ptrace is unchecked.
This is insecure as it allows regular users to examine the memory
contents of privileged processes.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
anyway, but only if the "core_pattern" kernel sysctl is set to
either a pipe handler or a fully qualified path. (For more details
on this limitation, see CVE-2006-2451.) This mode is appropriate
when administrators are attempting to debug problems in a normal
environment, and either have a core dump pipe handler that knows
to treat privileged core dumps with care, or specific directory
defined for catching core dumps. If a core dump happens without
a pipe handler or fully qualifid path, a message will be emitted
to syslog warning about the lack of a correct setting.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Diffstat (limited to 'target/linux/ramips')
0 files changed, 0 insertions, 0 deletions