svn commit: r334543 - head/usr.bin/top
Cy Schubert
Cy.Schubert at cschubert.com
Mon Jun 4 05:08:06 UTC 2018
In message <5B14C64B.2070602 at grosbein.net>, Eugene Grosbein writes:
> 04.06.2018 4:33, Rodney W. Grimes wrote:
>
> >>>> Bad side effect of doing that is it is not hard to get a "core"
> >>>> from top when run as a user, as it is going to try to write
> >>>> to /, and it probably does not have permission for that.
>
> We already have global sysctl kern.corefile that can be changed to /var/tmp/%
> N.core
>
> Perhaps, a kernel could take a look to process environment to something like
> KERN_COREFILE variable for an override of that sysctl?
>
Only if the file doesn't exist and the lowest level directory is
writable by UID. Even then if any directory within the path is not
searchable by UID it should be disallowed. Otherwise it would be a CVE.
--
Cheers,
Cy Schubert <Cy.Schubert at cschubert.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
More information about the svn-src-all
mailing list