lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[PATCH] Fix docs for fs.suid_dumpable

Browse Source 
Sergey Vlasov noticed that there is not kernel.suid_dumpable, but
fs.suid_dumpable.

How KERN_SETUID_DUMPABLE ended up in fs_table[]? Hell knows...

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
Alexey Dobriyan
2006-08-27 01:23:28 -07:00
committed by Linus Torvalds
parent cc36e7f124
commit a2e0b56316
2 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
Documentation/sysctl/fs.txt
View File

@@ -25,6 +25,7 @@ Currently, these files are in /proc/sys/fs:
- inode-state - inode-state
- overflowuid - overflowuid
- overflowgid - overflowgid
- suid_dumpable
- super-max - super-max
- super-nr - super-nr
@@ -131,6 +132,25 @@ The default is 65534.
============================================================== ==============================================================
suid_dumpable:
This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are
0 - (default) - traditional behaviour. Any process which has changed
privilege levels or is execute only will not be dumped
1 - (debug) - all processes dump core when possible. The core dump is
owned by the current user and no security is applied. This is
intended for system debugging situations only. Ptrace is unchecked.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
readable by root only. This allows the end user to remove
such a dump but not access it directly. For security reasons
core dumps in this mode will not overwrite one another or
other files. This mode is appropriate when adminstrators are
attempting to debug problems in a normal environment.
==============================================================
super-max & super-nr: super-max & super-nr:
These numbers control the maximum number of superblocks, and These numbers control the maximum number of superblocks, and

20
Documentation/sysctl/kernel.txt
View File

@@ -50,7 +50,6 @@ show up in /proc/sys/kernel:
- shmmax [ sysv ipc ] - shmmax [ sysv ipc ]
- shmmni - shmmni
- stop-a [ SPARC only ] - stop-a [ SPARC only ]
- suid_dumpable
- sysrq ==> Documentation/sysrq.txt - sysrq ==> Documentation/sysrq.txt
- tainted - tainted
- threads-max - threads-max
@@ -310,25 +309,6 @@ kernel. This value defaults to SHMMAX.
============================================================== ==============================================================
suid_dumpable:
This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are
0 - (default) - traditional behaviour. Any process which has changed
privilege levels or is execute only will not be dumped
1 - (debug) - all processes dump core when possible. The core dump is
owned by the current user and no security is applied. This is
intended for system debugging situations only. Ptrace is unchecked.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
readable by root only. This allows the end user to remove
such a dump but not access it directly. For security reasons
core dumps in this mode will not overwrite one another or
other files. This mode is appropriate when adminstrators are
attempting to debug problems in a normal environment.
==============================================================
tainted: tainted:
Non-zero if the kernel has been tainted. Numeric values, which Non-zero if the kernel has been tainted. Numeric values, which