[vdr] -u in 1.3.38 -> no core dumps?
vskytta at gmail.com
Sun Jan 8 15:06:33 CET 2006
FYI: I had played with Ludwig Nussel's "su" patch in the past, and
noticed that the setuid() stuff prevents VDR from dumping core in case
of crashes. I haven't really tested it yet, but from skimming the code
it looks like the -u implementation included in 1.3.38 might have the
same feature too. Of course, no core dumps on crashes makes debugging
problems a lot harder :(
Doing something like prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) after setuid()
and setgid() should fix it, but there may be security implications to
consider (whose implications in case of VDR are probably pretty small,
but there's a reason why setuid/setgid things don't dump core by
default...). In kernels >= 2.6.13, "2" instead of "1" in the above
would be available too, which would be quite a bit better.
Of course, the simplest "fix" for 1.3.38 would be to not even start it
as root; no setuid/setgid -> no (new) problems getting core dumps.
More info: PR_SET_DUMPABLE in "man prctl", and
http://lwn.net/Articles/104341/ (I'm not sure if that has been applied;
mabe it has in >= 2.6.13).
Apologies beforehand if the above doesn't apply to VDR 1.3.38; as said,
I haven't actually tested it but thought I'd report it while I remember.
More information about the vdr