LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

Since kernel 2.6.18, setting 2 for PR_SET_DUMPABLE is no longer possible.

This commit is contained in:
Michael Kerrisk 2006-09-26 08:36:02 +00:00
parent 34f7665a1c
commit a3b7f00b4a
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
man2/prctl.2
View File

@ -71,9 +71,14 @@ various system calls that manipulate process UIDs and GIDs).
In kernels up to and including 2.6.12,
.I arg2
must be either 0 (process is not dumpable) or 1 (process is dumpable).
Since kernel 2.6.13, the value 2 is also permitted;
this causes any binary which normally would not be dumped
to be dumped readable by root only.
Between kernels 2.6.13 and 2.67, the value 2 was also permitted,
which caused any binary which normally would not be dumped
to be dumped readable by root only;
for security reasons, this feature has been removed.
.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2
.\" Subject: Fix prctl privilege escalation (CVE-2006-2451)
.\" From: Marcel Holtmann <marcel () holtmann ! org>
.\" Date: 2006-07-12 11:12:00
(See also the description of
.I /proc/sys/fs/suid_dumpable
in