
 
Jean-Michel Frippiat
Occasional Contributor

No core after setuid

Hello,

When I kill with signal 11 the process resulting from the following C code, it may or may not produce a core dump, depending on which HP-UX version and user ID are used.

HP-UX version    root   uid 300
10.20            YES    YES
11.00 & 11.11    NO     YES

If I remove the setuid and setgid from the source code and kill with signal 11 the resulting process run as root under 11.x, it produces a core file. Hence the problem is not related to the root environment I have under 11.x.
How can I get a core dump under 11.x when the process is started as root and it changes its uid afterwards?
Thanks in advance.

JMF

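#include <stdio.h>
#include <stdlib.h>   /* exit() */
#include <unistd.h>   /* getuid(), setuid(), setgid(), pause() */

int main(int argc, char *argv[])
{
    /* Identity at start-up (root in the case that produces no core). */
    printf("getuid : %d\n", (int)getuid());
    printf("geteuid : %d\n", (int)geteuid());
    printf("getgid : %d\n", (int)getgid());
    printf("getegid : %d\n", (int)getegid());

    /* Change the group first, while still privileged, then the user. */
    if (setgid(300))
    {
        perror("setgid() failed");
        exit(1);
    }
    if (setuid(300))
    {
        perror("setuid() failed");
        exit(1);
    }

    /* Identity after the change. */
    printf("new getuid : %d\n", (int)getuid());
    printf("new geteuid : %d\n", (int)geteuid());
    printf("new getgid : %d\n", (int)getgid());
    printf("new getegid : %d\n", (int)getegid());

    /* Wait here so the process can be killed with signal 11. */
    printf("before pause()\n");
    pause();
    printf("after pause()\n");
    return 0;
}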
Frank Slootweg
Honored Contributor

Re: No core after setuid

I don't think that is possible. See this part from the signal(5) manual page (I hope the formatting comes out right):

[Start quote:]
SIG_DFL   Execute the default action, which varies depending on
          the signal as described above:

          A    Terminate the receiving process with all of
               the consequences outlined in exit(2).

          B    If following conditions are met, generate a
               core image file (see core(4)) in the
               current working directory of the receiving
               process:

               +  The effective user ID and the real
                  user ID of the receiving process
                  are equal.

               +  The effective group ID and the real
                  group ID of the receiving process
                  are equal.

               +  A regular file named core does not
                  exist and can be created, or exists
                  and is writable.
[End quote.]
Jean-Michel Frippiat
Occasional Contributor

Re: No core after setuid

Thanks for your hint Frank but the following output of the process run as root under HP-UX 11.11 (and then killed with signal 11 during pause) shows that after the setuid() and setgid(), the effective user id and the real user id are equal. So are the effective group id and real group id. No core though.

# ./process
getuid : 0
geteuid : 0
getgid : 3
getegid : 3
new getuid : 300
new geteuid : 300
new getgid : 300
new getegid : 300
before pause()
Memory fault
#


Furthermore, when I do the same under HP-UX 10.20, a core file is created.
# ./process
getuid : 0
geteuid : 0
getgid : 3
getegid : 3
new getuid : 300
new geteuid : 300
new getgid : 300
new getegid : 300
before pause()
Memory fault(coredump)


Thanks in advance for any further help.

JMF
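
The output above covers only the first two conditions quoted from signal(5); the sketch below, an added example that is not code from either poster, also tests the third (a creatable or writable regular file named core in the working directory) and reports which documented condition fails. The names core_conditions and CORE_* are hypothetical, and the check covers the quoted conditions only, not any other rule a given HP-UX release may apply.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Flags for the signal(5) conditions that do NOT hold (0 = all hold). */
#define CORE_UID_MISMATCH 0x1 /* effective uid != real uid */
#define CORE_GID_MISMATCH 0x2 /* effective gid != real gid */
#define CORE_FILE_BLOCKED 0x4 /* "core" can be neither created nor written */

/* Third condition: "core" in dir is absent and creatable, or is a writable
   regular file. access() tests with the real ids, which equal the
   effective ids whenever the first two conditions hold. */
static int core_file_ok(const char *dir)
{
    char path[1024];
    struct stat st;
    int n = snprintf(path, sizeof path, "%s/core", dir);

    if (n < 0 || (size_t)n >= sizeof path)
        return 0;
    if (stat(path, &st) == 0) /* a file named core already exists */
        return S_ISREG(st.st_mode) && access(path, W_OK) == 0;
    if (errno != ENOENT)
        return 0;
    return access(dir, W_OK | X_OK) == 0; /* can a new entry be created? */
}

/* Hypothetical helper: returns a bitmask of the conditions that fail. */
int core_conditions(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid,
                    const char *dir)
{
    int failed = 0;
    if (ruid != euid) failed |= CORE_UID_MISMATCH;
    if (rgid != egid) failed |= CORE_GID_MISMATCH;
    if (!core_file_ok(dir)) failed |= CORE_FILE_BLOCKED;
    return failed;
}

int main(void)
{
    /* Run after setgid()/setuid(), from the process's working directory. */
    int failed = core_conditions(getuid(), geteuid(), getgid(), getegid(), ".");
    printf("uid/euid equal: %s\n", failed & CORE_UID_MISMATCH ? "no" : "yes");
    printf("gid/egid equal: %s\n", failed & CORE_GID_MISMATCH ? "no" : "yes");
    printf("core writable : %s\n", failed & CORE_FILE_BLOCKED ? "no" : "yes");
    return failed;
}
```

A process started as root in a directory that uid 300 cannot write to would fail only the third condition, which the getuid()/geteuid() output alone does not reveal.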