What of cron?
Posted Jul 13, 2006 15:36 UTC (Thu) by cventers
In reply to: What of cron?
Parent article: Denial of reality vulnerabilities
Well, the issue is that prctl() can be used to set your program such that
its core files will be written by root, regardless of who started it.
The rationale behind that was that you might have a program that you want
to be able to debug but that might be handling sensitive data, so prctl()
lets you say "create a core file that _only_ root can read".
So the denial of service thing is definitely true. The cron interaction
just plain sucks.
to post comments)