Apply by running:
cd /sys
patch < nosuidcoredump.patch
install -c -m 444 -o root -g bin sys/sysctl.h /usr/include
cd /usr/src/usr.sbin/sysctl && make && make install
Index: kern/kern_sig.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_sig.c,v
retrieving revision 1.22
retrieving revision 1.25
diff -u -r1.22 -r1.25
--- kern_sig.c 1997/11/06 05:58:18 1.22
+++ kern_sig.c 1998/01/09 16:41:09 1.25
@@ -1103,6 +1103,8 @@
/* NOTREACHED */
}
+int nosuidcoredump = 1;
+
/*
* Dump core, into a file named "progname.core", unless the process was
* setuid/setgid.
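Review bot: The new global `nosuidcoredump` has no comment saying what a nonzero value means or that it is exported through sysctl. It also sits directly above the header comment of the core-dump function, where it reads as part of that function's description. I would add `/* Nonzero: never write a core file for a P_SUGID process, even one running as root (kern.nosuidcoredump). */` above the definition. The function comment that follows continues outside the hunk and does not mention the knob.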
@@ -1127,6 +1129,8 @@
if ((p->p_flag & P_SUGID) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
return (error);
+ if ((p->p_flag & P_SUGID) && nosuidcoredump)
+ return (EPERM);
/* Don't dump if will exceed file size limit. */
if (USPACE + ctob(vm->vm_dsize + vm->vm_ssize) >=
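Review bot: The added `nosuidcoredump` test sits after the `suser()` test, so a P_SUGID process running as root still goes through `suser(p->p_ucred, &p->p_acflag)` before being refused. Because that call is handed `&p->p_acflag`, it presumably records superuser use for a dump that never happens. Moving `if ((p->p_flag & P_SUGID) && nosuidcoredump) return (EPERM);` ahead of the `suser()` check makes the refusal unconditional and easier to read. A comment should also state that with the knob cleared the only remaining guard is the `suser()` test, which lets a set-id process whose credentials are root write a core file. The function body starts and ends outside the hunk.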
Index: kern/kern_sysctl.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_sysctl.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- kern_sysctl.c 1997/11/06 15:59:49 1.23
+++ kern_sysctl.c 1997/12/08 21:25:37 1.24
@@ -210,7 +210,7 @@
int error, level, inthostid;
extern char ostype[], osrelease[], osversion[], version[];
extern int somaxconn, sominconn;
- extern int usermount;
+ extern int usermount, nosuidcoredump;
/* all sysctl names at this level are terminal */
if (namelen != 1 && !(name[0] == KERN_PROC || name[0] == KERN_PROF))
@@ -305,6 +305,8 @@
case KERN_RND:
return (sysctl_rdstruct(oldp, oldlenp, newp, &rndstats,
sizeof(rndstats)));
+ case KERN_NOSUIDCOREDUMP:
+ return (sysctl_int(oldp, oldlenp, newp, newlen, &nosuidcoredump));
default:
return (EOPNOTSUPP);
}
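Review bot: `case KERN_NOSUIDCOREDUMP` passes the variable straight to `sysctl_int()`, so any caller allowed to write kern sysctls can clear the restriction at run time, and any integer, including a negative one, is stored as-is. If the setting is meant as hardening that holds once the system is up, consider refusing a write that clears it when the securelevel is raised, and normalising the stored value to 0 or 1. At minimum, a comment on the case should say that the knob is intentionally writable. The switch begins outside the hunk.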
Index: sys/sysctl.h
===================================================================
RCS file: /cvs/src/sys/sys/sysctl.h,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- sysctl.h 1997/11/06 15:59:52 1.22
+++ sysctl.h 1997/12/08 21:25:34 1.23
@@ -145,7 +145,8 @@
#define KERN_SOMINCONN 29 /* int: half-open controllable param */
#define KERN_USERMOUNT 30 /* int: users may mount filesystems */
#define KERN_RND 31 /* struct: rnd(4) statistics */
-#define KERN_MAXID 32 /* number of valid kern ids */
+#define KERN_NOSUIDCOREDUMP 32 /* int: no setuid coredumps ever */
+#define KERN_MAXID 33 /* number of valid kern ids */
#define CTL_KERN_NAMES { \
{ 0, 0 }, \
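Review bot: The comment on `KERN_NOSUIDCOREDUMP` says "no setuid coredumps ever", but the kernel check in kern_sig.c tests `P_SUGID`, which the comment there describes as setuid/setgid. The value can also be cleared through sysctl, so "ever" overstates it. I would word it `/* int: no setuid/setgid coredumps */`. Raising `KERN_MAXID` also grows `CTL_KERN_NAMES`, so any userland built against the old header needs rebuilding; the apply instructions rebuild sysctl(8) only.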
@@ -180,6 +181,7 @@
{ "sominconn", CTLTYPE_INT }, \
{ "usermount", CTLTYPE_INT }, \
{ "random", CTLTYPE_STRUCT }, \
+ { "nosuidcoredump", CTLTYPE_INT }, \
}
/*