Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Subject: Re: core dump
From: Bluefish (11aGMX.NET)
Date: Fri Jul 14 2000 - 03:01:38 CDT
- Next message: Tarhon-Onu Victor: "Re: wu-ftpd and /etc/passwd"
- Previous message: C.O.Too: "(no subject)"
- In reply to: mount ararat blossom: "core dump"
- Next in thread: Blair Strang: "Re: core dump"
- Reply: Bluefish: "Re: core dump"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Coredumps contains usefull information about what error has occured; as an
example, if someone overflows with lots of A (0x41), the coredump will
show that the stack contains a lot of 0x41. If it was possible to modify
the return address, it will show that execuation broke at a jump to
Coredumping is an imporant debugging feature. It can be disabled in live
systems by modifying limits, or made unreadable by others than the
"creator" by changing the umask.
Site which are considered security critical should probably disable
coredumps, as they may contain critical data (as the a somewhat recent
example in vuln-dev where a ftp-client kept the password in memory and
Although I haven't used coredumps in my development (not done so much
programming in the unix environemnt) I consider them an important
feature which should be implemented in other oprating systems as well.
On Thu, 13 Jul 2000, mount ararat blossom wrote:
> hi folks,
> i do not know this has been asked before but if so, sorry.
> my question is that i am new into the topic of vulnerability development
> world and i really wonder why unix like OS dumps core files and what is the
> of it.
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com