From: Todd C. Miller Date: Fri, 3 Feb 2012 19:59:36 +0000 (-0500) Subject: Normally, sudo disables core dumps while it is running. This X-Git-Tag: SUDO_1_8_4~28 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1ceb7f96a65374092d7dd658ee06799813048200;p=sudo Normally, sudo disables core dumps while it is running. This behavior can now be modified at run time with a line in sudo.conf like "Set disable_coredumps false" --HG-- branch : 1.8 --- 1ceb7f96a65374092d7dd658ee06799813048200 diff --cc doc/sudo.cat index 210318493,038fb46d1..b28d97d82 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@@ -327,9 -405,7 +327,10 @@@ PPLLUUGGIINNS # # Format: # Plugin plugin_name plugin_path - # Path askpass path/to/askpass + # Path askpass /path/to/askpass + # Path noexec /path/to/noexec.so + # Debug sudo /var/log/sudo_debug all@warn ++ # Set disable_coredump true # # The plugin_path is relative to /usr/local/libexec unless # fully qualified. @@@ -445,6 -474,6 +446,20 @@@ SSEECCUURRIITTYY NNOOTTEES information, please see the PREVENTING SHELL ESCAPES section in _s_u_d_o_e_r_s(4). ++ To prevent the disclosure of potentially sensitive information, ssuuddoo ++ disables core dumps by default while it is executing (they are re- ++ enabled for the command that is run). To aid in debugging ssuuddoo ++ crashes, you may wish to re-enable core dumps by setting ++ "disable_coredump" to false in the _/_e_t_c_/_s_u_d_o_._c_o_n_f file. ++ ++ Set disable_coredump false ++ ++ Note that by default, most operating systems disable core dumps from ++ setuid programs, which includes ssuuddoo. To actually get a ssuuddoo core file ++ you may need to enable core dumps for setuid processes. On BSD and ++ Linux systems this is accomplished via the sysctl command, on Solaris ++ the coreadm command can be used. ++ EENNVVIIRROONNMMEENNTT ssuuddoo utilizes the following environment variables. The security policy has control over the content of the command's environment. 
@@@ -582,4 -629,32 +597,4 @@@ DDIISSCCLLAAIIMMEER - 1.8.4 January 6, 2012 SUDO(1m) - - - - - - - - - - - - - - - - - - - - - - - - - - -1.8.0rc1 February 21, 2011 10 - - ++1.8.4 February 3, 2012 SUDO(1m) diff --cc doc/sudo.man.in index ee15f8f04,55a16b472..bdd8da06a --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@@ -149,7 -149,7 +149,7 @@@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" - .TH SUDO @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS" -.TH SUDO @mansectsu@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS" ++.TH SUDO @mansectsu@ "February 3, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@@ -527,9 -532,7 +527,10 @@@ which corresponds to the following \fI@ \& # \& # Format: \& # Plugin plugin_name plugin_path -\& # Path askpass path/to/askpass +\& # Path askpass /path/to/askpass +\& # Path noexec /path/to/noexec.so +\& # Debug sudo /var/log/sudo_debug all@warn ++\& # Set disable_coredump true \& # \& # The plugin_path is relative to @prefix@/libexec unless \& # fully qualified. @@@ -652,6 -590,6 +653,22 @@@ Because of this, care must be taken whe commands via \fBsudo\fR to verify that the command does not inadvertently give the user an effective root shell. For more information, please see the \f(CW\*(C`PREVENTING SHELL ESCAPES\*(C'\fR section in \fIsudoers\fR\|(@mansectform@). ++.PP ++To prevent the disclosure of potentially sensitive information, ++\&\fBsudo\fR disables core dumps by default while it is executing (they ++are re-enabled for the command that is run). To aid in debugging ++\&\fBsudo\fR crashes, you may wish to re-enable core dumps by setting ++\&\*(L"disable_coredump\*(R" to false in the \fI@sysconfdir@/sudo.conf\fR file. 
++.PP ++.Vb 1 ++\& Set disable_coredump false ++.Ve ++.PP ++Note that by default, most operating systems disable core dumps ++from setuid programs, which includes \fBsudo\fR. To actually get a ++\&\fBsudo\fR core file you may need to enable core dumps for setuid ++processes. On \s-1BSD\s0 and Linux systems this is accomplished via the ++sysctl command, on Solaris the coreadm command can be used. .SH "ENVIRONMENT" .IX Header "ENVIRONMENT" \&\fBsudo\fR utilizes the following environment variables. The security
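Review bot: In the SECURITY NOTES hunk of doc/sudo.cat (@@@ -445,6), the setting is spelled "disable_coredump", but the commit message gives the sudo.conf line as "Set disable_coredumps false". An administrator who copies the line from the commit log and one who copies it from the manual end up with different settings names, and only one of them can be the name sudo.conf parsing recognises. Please confirm which spelling the parser accepts and use it in both the commit message and the documentation.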
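Review bot: In the sample sudo.conf hunk of doc/sudo.man.in (@@@ -527,9), the new "# Set disable_coredump true" line is added under "Format:" with no accompanying explanation, and the comment that follows it still covers only plugin_path. Suggest one more comment line stating that true is the default and which values the setting accepts, so the sample file can be read without turning to the SECURITY NOTES section. The same applies to the matching hunk in doc/sudo.cat.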
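Review bot: In the SECURITY NOTES hunk of doc/sudo.man.in (@@@ -652,6), the final paragraph tells the reader to "enable core dumps for setuid processes" without saying that this applies to setuid programs in general, not only sudo, which works against the disclosure concern the first added paragraph opens with. Suggest a sentence advising that both that system setting and "Set disable_coredump false" be reverted once the crash has been captured, and naming the sysctl variable involved rather than only the command. The last sentence is also a comma splice ("via the sysctl command, on Solaris the coreadm command can be used"); a semicolon or a separate sentence would read better.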