Bug 104310 - prctl(PR_SET_DUMPABLE, 1) is ignored
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kernel
Version: 9
Hardware: i386
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Dave Jones
QA Contact: Brian Brock
Duplicates: 98825
Reported: 2003-09-12 13:27 UTC by Hrunting Johnson
Modified: 2015-01-04 22:03 UTC (History)
Doc Type: Bug Fix
Last Closed: 2004-01-05 03:44:43 UTC
Links
System: Red Hat Product Errata
ID: RHBA-2003:394
Private: 0
Priority: normal
Status: SHIPPED_LIVE
Summary: Updated 2.4 kernel fixes various bugs
Last Updated: 2003-12-23 05:00:00 UTC

Description Hrunting Johnson 2003-09-12 13:27:21 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5b)
Gecko/20030910 Firebird/0.6.1+

Description of problem:
Normally, setuid() programs can't dump core.  However, a setuid() program should
be able to use prctl() (man prctl) to enable coredumps.  Under this kernel, that
doesn't seem to be the case.  

Basically, the end result is one cannot do any debugging of setuid programs,
which is a serious hindrance to the use of Linux as a development platform.

Here is a test script:

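#include <stdio.h>
#include <stdlib.h>     /* exit() */
#include <unistd.h>     /* setuid(), sleep() */
#include <sys/prctl.h>

int main(int argc, char* argv[]) {
  /* Change uid (run as root); the process is no longer dumpable after this. */
  setuid(9);
  /* Ask the kernel to allow core dumps again. */
  prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
  printf("sleeping for 20 seconds; kill me now\n");
  sleep(20);
  exit(0);
}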

Version-Release number of selected component (if applicable):
kernel-2.4.20-20.9

How reproducible:
Always

Steps to Reproduce:
1. ulimit -c unlimited
2. gcc t.c
3. ./a.out &
4. kill -SEGV <pid>


Actual Results:  Program dies, no core file is left

Expected Results:  Program dies, core file is left

Additional info:

Possibly related to this problem:
http://www.ussg.iu.edu/hypermail/linux/kernel/0305.1/0232.html
http://www.ussg.iu.edu/hypermail/linux/kernel/0304.3/0434.html

Comment 1 Joe Orton 2003-12-02 10:15:46 UTC
*** Bug 98825 has been marked as a duplicate of this bug. ***

Comment 2 Joe Orton 2003-12-02 10:34:48 UTC
This affects current 7.3 through 9 kernels.  Simple repro case:

#include <sys/types.h>
#include <sys/prctl.h>
#include <unistd.h>
#include <stdio.h>
#include <signal.h>

int main(int argc, char **argv)
{
    /* Clear the dumpable flag, then try to set it again. */
    if (prctl(PR_SET_DUMPABLE, 0) || prctl(PR_SET_DUMPABLE, 1)) {
        perror("prctl(PR_SET_DUMPABLE)");
        return 1;
    }

    /* On an affected kernel the set call reports success but the flag stays 0. */
    if (prctl(PR_GET_DUMPABLE) != 1) {
        fprintf(stderr, "prctl(PR_SET_DUMPABLE, 1) was ignored.\n");
        return 1;
    }

    printf("OK.\n");
    return 0;
}
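
The reproduction steps from the Description and the flag check from Comment 2 can be combined into one self-contained check. This is an added example, not code from the report or from the kernel; `check_dumpable()` and `struct dump_check` are hypothetical names. A forked child toggles the flag, reports PR_GET_DUMPABLE over a pipe and takes SIGSEGV, and the parent records how it died.

```c
#define _DEFAULT_SOURCE                 /* for WCOREDUMP() */
#include <signal.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

struct dump_check {                     /* hypothetical result type for this example */
    int flag_after_set;                 /* PR_GET_DUMPABLE after 0 -> 1; 1 on a fixed kernel */
    int killed_by_segv;                 /* child was terminated by SIGSEGV */
    int core_dumped;                    /* WCOREDUMP(); also depends on core_pattern and cwd */
};
/* Returns 0 once the child has been reaped, -1 if the harness itself failed. */
int check_dumpable(struct dump_check *out)
{
    int fds[2], status, flag = -1;
    pid_t pid;
    if (pipe(fds) < 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {                                 /* child: the process under test */
        struct rlimit rl;
        if (getrlimit(RLIMIT_CORE, &rl) == 0) {     /* "ulimit -c", up to the hard limit */
            rl.rlim_cur = rl.rlim_max;
            setrlimit(RLIMIT_CORE, &rl);
        }
        prctl(PR_SET_DUMPABLE, 0);
        prctl(PR_SET_DUMPABLE, 1);                  /* ignored on affected kernels */
        flag = prctl(PR_GET_DUMPABLE);
        signal(SIGSEGV, SIG_DFL);                   /* default action: terminate, dump core */
        if (write(fds[1], &flag, sizeof flag) == (ssize_t)sizeof flag)
            raise(SIGSEGV);                         /* stands in for "kill -SEGV <pid>" */
        _exit(1);                                   /* reached only if the write failed */
    }
    close(fds[1]);
    out->flag_after_set = read(fds[0], &flag, sizeof flag) == (ssize_t)sizeof flag ? flag : -1;
    close(fds[0]);
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    out->killed_by_segv = WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV;
    out->core_dumped = WIFSIGNALED(status) && WCOREDUMP(status);
    return 0;
}

int main(void)
{
    struct dump_check r = { -1, 0, 0 };
    int rc = check_dumpable(&r);
    printf("dumpable=%d segv=%d core=%d\n", r.flag_after_set, r.killed_by_segv, r.core_dumped);
    return rc != 0 ? 2 : r.flag_after_set != 1;
}
```

`core_dumped` also depends on the core size limit, `core_pattern` and a writable working directory, so `core=0` together with `dumpable=1` points at the environment rather than at this bug.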


Comment 3 Joe Orton 2003-12-02 10:38:16 UTC
The fix is as simple as below IIRC:

--- kernel/sys.c.orig   Tue Dec  2 10:30:02 2003
+++ kernel/sys.c        Tue Dec  2 10:30:29 2003
@@ -1242,7 +1242,6 @@
                                error = -EINVAL;
                                break;
                        }
-                       if (is_dumpable(current))
                                current->mm->dumpable = arg2;
                        break;
                case PR_SET_UNALIGN:
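
Review bot: the now-unconditional `current->mm->dumpable = arg2;` needs a comment saying that letting a process re-enable its own dumpable flag is intentional, because without the `is_dumpable(current)` guard a process whose flag was cleared (as after the setuid() call in the Description) can switch it back on itself. The changelog should also confirm that the validation ending in `error = -EINVAL` just above is the only check still wanted on this path. The assignment keeps the extra indent level it had under the removed `if`; re-indent it to line up with the `break;` that follows.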


