From Keith Bostic, with some minor changes:

 The problem reported on BUGTRACK was that ftpd could be convinced to
 drop core after it had discarded its special permissions, but while
 it still had a copy of the encrypted passwords in its buffers.  Change
 coredump() to:

     + Don't drop core for any process that was ever setuid/setgid if
       it's not running as root.
     + Change errno returns from EFAULT to appropriate values -- this
       will be useful for when coredump() becomes a system call and
       gcore goes away.
     + Create core dump files mode 600, and don't dump to files that
       are owned by anyone else or readable or writable by anyone other
       than the owner.

0 files changed, 0 insertions, 0 deletions