Merge lp:~ev/apport/raring-suid_dumpable into lp:~ubuntu-core-dev/ubuntu/raring/apport/ubuntu
Proposed by
Evan
| Status: | Merged |
|---|---|
| Merged at revision: | 2185 |
| Proposed branch: | lp:~ev/apport/raring-suid_dumpable |
| Merge into: | lp:~ubuntu-core-dev/ubuntu/raring/apport/ubuntu |
| Diff against target: | 0 lines |
| To merge this branch: | bzr merge lp:~ev/apport/raring-suid_dumpable |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Martin Pitt | Approve | ||
|
Review via email:
|
|||
Description of the change
This branch enables core dumps for suid binaries.
This has traditionally been off by default due to concerns over possible security vulnerabilities. Kees has looked into this and protected against the case where the core pipe handler is set to "core" and setuid_dumpable is set:
[21:41:54] <kees> it's safe to do suidcoredump=2 thing now, too.
[21:42:37] <kees> er, fs.suid_dumpable=2 rather
[21:43:00] <kees> that was a fun fix, inspired by some discussion with ev a while back...
I would like to backport this apport change to previous Ubuntu releases, with your permission.
To post a comment you must log in.
Revision history for this message
| Martin Pitt (pitti) wrote | # |
This looks good to me, provided that we merge it into saucy (first). But please fix the indentation in the stop part.
Thanks!