Seeing a thread on misc@ [1] earlier, I was wondering if the attached patch would be an improvement to show a user where to look if they do want a core dump from a setuid process. I changed the wording slightly since my earlier posting.
Regards,
Rogier

References
1. MARC.info - 'Core dumps from daemon processes?' thread http://marc.info/?t=126692921400001&r=1&w=2

### Eclipse Workspace Patch 1.0 #P man5 Index: core.5 =================================================================== RCS file: /cvs/src/share/man/man5/core.5,v retrieving revision 1.12 diff -u -r1.12 core.5 --- core.5 31 May 2007 19:19:58 -0000 1.12 +++ core.5 25 Feb 2010 13:10:03 -0000 @@ -158,7 +158,16 @@ .Xr gdb 1 , .Xr pmdb 1 , .Xr setrlimit 2 , -.Xr sigaction 2 +.Xr sigaction 2 , +.Xr sysctl 3 +.Sh CAVEATS +Programs with their set-user-ID bit set will not dump core to prevent +sensitive information from inadvertently ending up on disk. If you are trying +to debug processes affected by this policy, refer to the +.Li kern.nosuidcoredump +option in +.Xr sysctl 3 +for more information. .Sh HISTORY A .Nm
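Review bot: the first sentence of the new CAVEATS text states the behaviour as unconditional ("will not dump core") while the next sentence points at `kern.nosuidcoredump` as the way to change it, so it should say "by default" or otherwise tie the behaviour to that setting. The same sentence also parses ambiguously: "will not dump core to prevent sensitive information from ..." can be read as dumping core in order to prevent something. Put the reason first or add a comma before "to prevent". On style, mdoc source starts each sentence on its own line, so "If you are trying" should not continue the line ending "on disk."; `.Va` is the more usual macro for a sysctl variable name than `.Li`. Since the reader this caveat targets wants to change the setting rather than call the library function, consider listing `.Xr sysctl 8` as well, both here and in SEE ALSO.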
