[4059] in bugtraq
Re: FreeBSD,rlogin and coredumps.
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Mon Feb 17 17:59:41 1997
Date: Mon, 17 Feb 1997 16:52:42 +0800
Reply-To: Adrian Chadd <adrian@SKYWALKER.ACEONLINE.COM.AU>
From: Adrian Chadd <adrian@SKYWALKER.ACEONLINE.COM.AU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199702170437.UAA04543@root.com> from David Greenman at "Feb 16,
97 08:37:57 pm"
> >I also tried this on a FreeBSD 2.1.5 box, and it did the same thing. I
> >wonder if there is a way to make a core dump only readable by root, and why
> >this isn't the default?
>
> FreeBSD 2.1.6 and later versions will not dump a core file if the process
> is setuid/setgid.
>
True - I couldn't do it on my 2.1.6 box. But I can do it on the latest
release of 2.2-GAMMA, however I'm assuming its been enabled for development.
Also - whenever I've done it, I've only been able to read my password
though strings, I couldn't see any other encrypted strings anywhere.
Any comments?
Adrian Chadd
<adrian@psinet.net.au>
