diff options
| author | Michael Kerrisk <mtk.manpages@gmail.com> | 2016-09-21 10:16:28 +0200 |
|---|---|---|
| committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2016-09-21 11:48:32 +0200 |
| commit | 5681553cb80fa2221fc711af8f6d89b406dbeb8b (patch) | |
| tree | b90222f55671dab0007c5002001deaf6add7b10f /man5 | |
| parent | c3c64ee6e3d991377ec404a983abc5f83a80bed8 (diff) | |
| download | man-pages-5681553cb80fa2221fc711af8f6d89b406dbeb8b.tar.gz | |
proc.5: Note that 'suid_dumpable' mode 1 is insecure
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man5')
| -rw-r--r-- | man5/proc.5 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/man5/proc.5 b/man5/proc.5 index 7b88032f10..8391cb6eeb 100644 --- a/man5/proc.5 +++ b/man5/proc.5 @@ -4071,7 +4071,9 @@ All processes dump core when possible. .BR core (5).) The core dump is owned by the filesystem user ID of the dumping process and no security is applied. -This is intended for system debugging situations only. +This is intended for system debugging situations only: +this mode is insecure because it allows unprivileged users to +examine the memory contents of privileged processes. .TP \fI2\ ("suidsafe")\fP Any binary which normally would not be dumped (see "0" above) |