[ubuntu-hardened] fs: suid_dumpable=2 and a security issue (gain root privileges).
daniel curtis
sidetripping at gmail.com
Sun Jan 17 15:04:40 UTC 2016
Hello.
Okay, I understand your point of view. So, regardless of Ubuntu's crash
handler, which expects mode '2', it is secure to leave it on a default
mode, right? (It seems that in Ubuntu 12.04 LTS this key is set to '2' by
default.)
>> I'd just leave it at "2".
For me, this is a sufficient answer. But, honestly, in almost all sysctl(8)
and 'suid_dumpable' key related articles, information can be found that
core dumps can never be made by SETUID programs, so it should be set to
'0'. Allowing programs to dump core can be achieved by '1', right?
So, enabling this key/option can be a security issue? What is your opinion?
I'm sorry for such confusion, but it is because of plenty of different
information on the web etc. Summing up, the last, final question:
Q: 'fs.suid_dumpable' at '2' (suidsafe) or change it to value '0'? Of
course with security in mind.
A: ?
Thank You very much. Best regards.