LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

Since kernel 2.6.18, setting 2 for PR_SET_DUMPABLE is no longer possible.

This commit is contained in:
Michael Kerrisk 2006-09-26 08:36:02 +00:00
parent 34f7665a1c
commit a3b7f00b4a
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
man2/prctl.2
View File

@ -71,9 +71,14 @@ various system calls that manipulate process UIDs and GIDs).
In kernels up to and including 2.6.12, In kernels up to and including 2.6.12,
.I arg2 .I arg2
must be either 0 (process is not dumpable) or 1 (process is dumpable). must be either 0 (process is not dumpable) or 1 (process is dumpable).
Since kernel 2.6.13, the value 2 is also permitted; Between kernels 2.6.13 and 2.67, the value 2 was also permitted,
this causes any binary which normally would not be dumped which caused any binary which normally would not be dumped
to be dumped readable by root only. to be dumped readable by root only;
for security reasons, this feature has been removed.
.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2
.\" Subject: Fix prctl privilege escalation (CVE-2006-2451)
.\" From: Marcel Holtmann <marcel () holtmann ! org>
.\" Date: 2006-07-12 11:12:00
(See also the description of (See also the description of
.I /proc/sys/fs/suid_dumpable .I /proc/sys/fs/suid_dumpable
in in