security consequences.
To prevent the disclosure of potentially sensitive information, s\bsu\bud\bdo\bo
disables core dumps by default while it is executing (they are re-enabled
- for the command that is run). To aid in debugging s\bsu\bud\bdo\bo crashes, you may
- wish to re-enable core dumps by setting ``disable_coredump'' to false in
- the sudo.conf(4) file as follows:
+ for the command that is run). This historical practice dates from a time
+ when most operating systems allowed setuid processes to dump core by
+ default. To aid in debugging s\bsu\bud\bdo\bo crashes, you may wish to re-enable
+ core dumps by setting ``disable_coredump'' to false in the sudo.conf(4)
+ file as follows:
Set disable_coredump false
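Review bot: The added sentence "This historical practice dates from a time when most operating systems allowed setuid processes to dump core by default" gives the history but not the conclusion. The paragraph still opens with "To prevent the disclosure of potentially sensitive information", so a reader of this page cannot tell whether setting disable_coredump to false is considered safe today. Suggest stating the conclusion here as well, or pointing to the disable_coredump entry in sudo.conf(4), where this patch describes the operating system restrictions.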
The s\bsu\bud\bdo\bo.\b.c\bco\bon\bnf\bf file also supports the following front end settings:
disable_coredump
- Core dumps of s\bsu\bud\bdo\bo itself are disabled by default. To aid in
+ Core dumps of s\bsu\bud\bdo\bo itself are disabled by default to prevent
+ the disclosure of potentially sensitive information. To aid in
debugging s\bsu\bud\bdo\bo crashes, you may wish to re-enable core dumps by
setting ``disable_coredump'' to false in s\bsu\bud\bdo\bo.\b.c\bco\bon\bnf\bf as follows:
Set disable_coredump false
- Note that most operating systems disable core dumps from setuid
- programs, including s\bsu\bud\bdo\bo. To actually get a s\bsu\bud\bdo\bo core file you
- will likely need to enable core dumps for setuid processes. On
- BSD and Linux systems this is accomplished in the sysctl
- command. On Solaris, the coreadm command is used to configure
- core dump behavior.
+ All modern operating systems place restrictions on core dumps
+ from setuid processes like s\bsu\bud\bdo\bo so this option can be enabled
+ without compromising security. To actually get a s\bsu\bud\bdo\bo core
+ file you will likely need to enable core dumps for setuid
+ processes. On BSD and Linux systems this is accomplished in
+ the sysctl command. On Solaris, the coreadm command is used to
+ configure core dump behavior.
This setting is only available in s\bsu\bud\bdo\bo version 1.8.4 and
higher.
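Review bot: In the replacement paragraph, "this option can be enabled without compromising security" depends on the operating system restricting core dumps from setuid processes, yet the very next sentence tells the reader to enable core dumps for setuid processes with sysctl or coreadm, which lifts the restriction the claim relies on. Suggest softening the absolute "All modern operating systems" and adding that the system-wide setuid core dump setting should be restored once debugging is finished. Separately, "accomplished in the sysctl command" would read better as "accomplished with the sysctl command" now that these lines are being rewrapped anyway.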
disable_coredump
Core dumps of
\fBsudo\fR
-itself are disabled by default.
+itself are disabled by default to prevent the disclosure of potentially
+sensitive information.
To aid in debugging
\fBsudo\fR
crashes, you may wish to re-enable core dumps by setting
.fi
.RS 10n
.sp
-Note that most operating systems disable core dumps from setuid programs,
-including
-\fBsudo\fR.
+All modern operating systems place restrictions on core dumps
+from setuid processes like
+\fBsudo\fR
+so this option can be enabled without compromising security.
To actually get a
\fBsudo\fR
core file you will likely need to enable core dumps for setuid processes.
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd December 4, 2014
+.Dd August 9, 2015
.Dt SUDO @mansectform@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
.It disable_coredump
Core dumps of
.Nm sudo
-itself are disabled by default.
+itself are disabled by default to prevent the disclosure of potentially
+sensitive information.
To aid in debugging
.Nm sudo
crashes, you may wish to re-enable core dumps by setting
Set disable_coredump false
.Ed
.Pp
-Note that most operating systems disable core dumps from setuid programs,
-including
-.Nm sudo .
+All modern operating systems place restrictions on core dumps
+from setuid processes like
+.Nm sudo
+so this option can be enabled without compromising security.
To actually get a
.Nm sudo
core file you will likely need to enable core dumps for setuid processes.
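Review bot: "so this option can be enabled" in the added lines is ambiguous, because the option is named disable_coredump and the example above sets it to false; read literally, enabling the option keeps core dumps off. Suggest "so core dumps can be re-enabled without compromising security" or "so this option can be set to false without compromising security". The same wording appears in the other formats of this manual page touched by this patch and should be changed consistently.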
\fBsudo\fR
disables core dumps by default while it is executing (they are
re-enabled for the command that is run).
+This historical practice dates from a time when most operating
+systems allowed setuid processes to dump core by default.
To aid in debugging
\fBsudo\fR
crashes, you may wish to re-enable core dumps by setting
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.Dd August 7, 2015
+.Dd August 9, 2015
.Dt SUDO @mansectsu@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
.Nm
disables core dumps by default while it is executing (they are
re-enabled for the command that is run).
+This historical practice dates from a time when most operating
+systems allowed setuid processes to dump core by default.
To aid in debugging
.Nm
crashes, you may wish to re-enable core dumps by setting