execve.2: Changes to the "dumpable" flag may change ownership of /proc/PID files

Reported-by: Eric Hopper <hopper@omnifarious.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2020-04-21 13:10:06 +02:00
parent 279aae0369
commit bf85b5e63a
1 changed files with 8 additions and 2 deletions

@ -210,8 +210,7 @@ The following Linux-specific process attributes are also
not preserved during an not preserved during an
.BR execve (): .BR execve ():
.IP * 3 .IP * 3
The process's dumpable The process's "dumpable" attribute is set to the value 1,
flag is set to the value 1,
unless a set-user-ID program, a set-group-ID program, unless a set-user-ID program, a set-group-ID program,
or a program with capabilities is being executed, or a program with capabilities is being executed,
in which case the dumpable flag may instead be reset to the value in in which case the dumpable flag may instead be reset to the value in
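Review bot: The terminology is now inconsistent within this one list item: the first line is changed to say the process's "dumpable" attribute, but the unchanged line two lines later still reads "in which case the dumpable flag may instead be reset". Suggest updating that line in the same commit to the quoted "dumpable" attribute form so the item uses one name for the same thing.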
@ -220,6 +219,13 @@ in the circumstances described under
.BR PR_SET_DUMPABLE .BR PR_SET_DUMPABLE
in in
.BR prctl (2). .BR prctl (2).
Note that changes to the "dumpable" attribute may cause ownership
of files in the process's
.IR /proc/[pid]
directory to change to
.IR root:root ,
as described in
.BR proc (5).
.IP * .IP *
The The
.BR prctl (2) .BR prctl (2)
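Review bot: The added sentence "Note that changes to the "dumpable" attribute may cause ownership ... to change to root:root" does not say which value of the attribute triggers the ownership change, so a reader of execve(2) cannot tell whether the normal reset to 1 or the set-user-ID/capabilities case is the one that matters without opening proc(5). Suggest naming the triggering condition in this sentence and keeping the proc(5) reference for the details. As a minor style point, ".IR /proc/[pid]" and ".IR root:root ," mix forms; the first takes a single argument and could be written with ".I".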