[ubuntu-hardened] fs: suid_dumpable=2 and a security issue (gain root privileges).
daniel curtis
sidetripping at gmail.com
Thu Jan 14 12:17:07 UTC 2016
Hello.
Sorry for asking an question on a thread, which seems to be "solved". I
would only know if setting 'fs.suid_dumpable' to '2' (which is default
value in Ubuntu 12.04 LTS) is secure? It seems that with mode '1' (debug),
the core dump is owned by the current user and no security is applied.
Mode '2' (sudisafe) - default value. For security reasons core dumps in
this mode will not overwrite one another or other files etc. But according
to this article [1] mode '2' is no longer allowed, right? Mentioned article
and patch introduces mode '3' (pipeforced), but it can't be set in Ubuntu
12.04, for example, via 'sysctl.conf' file with an error:
>> "Invalid argument" setting key "fs.suid_dumpable"
So, according to all of this, I would like to ask if mode '2' is okay or it
is better to set this to e.g. '0'?
Thanks, best regards.
_____________________
[1] https://lwn.net/Articles/503315/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20160114/0f46ef9f/attachment.html>
More information about the ubuntu-hardened
mailing list