OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 3rd quarter (Jul-Sep) 1994: Re: Sending escape sequences to xterms via wall/talk

Re: Sending escape sequences to xterms via wall/talk

Paul Daw (pauldpyramid.com)
Thu, 21 Jul 1994 08:44:13 -0700 

On Jul 21,  2:21, "Christopher A. Stewart" wrote:
> Subject: Re:  Sending escape sequences to xterms via wall/talk
> >>>>> "Mike" == Mike Raffety <mike_raffetyil.us.swissbank.com> writes:
> 
>     Mike> setuid programs don't produce core dumps; it's a security
>     Mike> feature.
> 
> Huh? What *NIX are you using? I've not noticed that behavior..
> 
>-- End of excerpt from "Christopher A. Stewart"

Hmm.  I didn't think that this was the case either, but I just tried it
(on a Pyramid MIS-T,) and I can't get any suid programs to dump core.
Using the same test cases, non-suid programs dump core dependably.

This makes sense if you think about it.  Suppose I was running /bin/passwd,
I had just entered in my password, and then passwd core dumped for some
reason.  The core image would have my clear text password stored in it.

Of course, one could argue that the core should still be dumped, but be
mode 400 and owned by the suid owner, but that isn't happening, at
least in my case.

      -m---------  Paul Daw                      Pyramid Technology Corporation
    ---mmm-------  Engineering Lab Management    3860 North First Street
  -----mmmmm-----  pauldpyramid.com -or-        San Jose, CA
-------mmmmmmm---  uunet!pyramid!pauld           95134