-u in 1.3.38 -> no core dumps?

Message ID 1136731007.13425.21.camel@bobcat.mine.nu
State New
Headers

Commit Message

Ville Skyttä Jan. 8, 2006, 2:36 p.m. UTC
  On Sun, 2006-01-08 at 15:29 +0100, Klaus Schmidinger wrote:
> Ville Skyttä wrote:
> > FYI: I had played with Ludwig Nussel's "su" patch in the past, and
> > noticed that the setuid() stuff prevents VDR from dumping core in case
> > of crashes.  I haven't really tested it yet, but from skimming the code
> > it looks like the -u implementation included in 1.3.38 might have the
> > same feature too.  Of course, no core dumps on crashes makes debugging
> > problems a lot harder :(
> > 
> > Doing something like prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) after setuid()
> > and setgid() should fix it, but there may be security implications to
> > consider (whose implications in case of VDR are probably pretty small,
> > but there's a reason why setuid/setgid things don't dump core by
> > default...).  In kernels >= 2.6.13, "2" instead of "1" in the above
> > would be available too, which would be quite a bit better.
> > 
> > Of course, the simplest "fix" for 1.3.38 would be to not even start it
> > as root; no setuid/setgid -> no (new) problems getting core dumps.
> > 
> > More info: PR_SET_DUMPABLE in "man prctl", and
> > http://lwn.net/Articles/104341/ (I'm not sure if that has been applied;
> > mabe it has in >= 2.6.13).
> > 
> > Apologies beforehand if the above doesn't apply to VDR 1.3.38; as said,
> > I haven't actually tested it but thought I'd report it while I remember.
> 
> I'm not going to dig into this myself, so if anybody would like
> to propose a patch, please send it.

See attachment.  Still completely untested as it'll take some time until
I can get a working 1.3.38 set up, but based on experience from my
earlier experiments I think it should be pretty much ok.
  

Patch

--- vdr.c~	2006-01-08 13:49:03.000000000 +0200
+++ vdr.c	2006-01-08 16:16:10.000000000 +0200
@@ -96,6 +96,10 @@ 
         fprintf(stderr, "vdr: cannot set user id %u: %s\n", (unsigned int)user->pw_uid, strerror(errno));
         return false;
         }
+     if (prctl(PR_SET_DUMPABLE, 2, 0, 0, 0) < 0) {
+        fprintf(stderr, "vdr: (warning only) cannot set dumpable: %s\n", strerror(errno));
+        // always non-fatal, and will not work with kernel < 2.6.13
+        }
      }
   return true;
 }