From: jmc Date: Sun, 4 May 2014 07:01:10 +0000 (+0000) Subject: tweak previous; X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=668df217a6a879cb8d437a7f4237cd9539f1086f;p=openbsd tweak previous; --- diff --git a/lib/libc/gen/sysctl.3 b/lib/libc/gen/sysctl.3 index c1e5f714036..1bd5c0ef169 100644 --- a/lib/libc/gen/sysctl.3 +++ b/lib/libc/gen/sysctl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.3,v 1.233 2014/05/04 03:53:37 deraadt Exp $ +.\" $OpenBSD: sysctl.3,v 1.234 2014/05/04 07:01:10 jmc Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. @@ -667,7 +667,7 @@ Whether a process may dump core after changing user or group ID: .It 0 Ta "euid == 0" Ta "current directory" .It 1 Ta "never" Ta "" .It 2 Ta "always" Ta Pa "/var/crash" -.It 2 Ta "depends" Ta Pa "/var/crash/$programname/" +.It 3 Ta "depends" Ta Pa "/var/crash/$programname/" .El .It Dv KERN_NPROCS The number of entries in the kernel process table. diff --git a/sbin/sysctl/sysctl.8 b/sbin/sysctl/sysctl.8 index dac573f121d..58303c2323c 100644 --- a/sbin/sysctl/sysctl.8 +++ b/sbin/sysctl/sysctl.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.8,v 1.178 2014/05/04 03:53:37 deraadt Exp $ +.\" $OpenBSD: sysctl.8,v 1.179 2014/05/04 07:01:10 jmc Exp $ .\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $ .\" .\" Copyright (c) 1993 @@ -526,13 +526,12 @@ To place core dumps from .Xr issetugid 2 programs (in this example .Xr bgpd 8 ) -into a safe place for debugging purposes +into a safe place for debugging purposes: .Bd -literal -offset indent # mkdir /var/crash/bgpd # chmod 700 /var/crash/bgpd # sysctl kern.nosuidcoredump=3 .Ed -.Pp .Sh SEE ALSO .Xr sysctl 3 , .Xr options 4 , diff --git a/share/man/man5/core.5 b/share/man/man5/core.5 index c89c8ae88ba..4dcd758e31e 100644 --- a/share/man/man5/core.5 +++ b/share/man/man5/core.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: core.5,v 1.17 2014/05/04 03:53:38 deraadt Exp $ +.\" $OpenBSD: core.5,v 1.18 2014/05/04 07:01:10 jmc Exp $ .\" $NetBSD: core.5,v 1.4 1994/11/30 19:31:11 jtc Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 @@ -164,13 +164,13 @@ A file format appeared in .At v3 . .Sh CAVEATS -Programs which are started with (either) the set-user-ID or +Programs which are started with either the set-user-ID or set-group-ID bits set, -or which change their uid or gid after starting, will normally not +or which change their UID or GID after starting, will normally not dump core. This is to prevent sensitive information from inadvertently ending up on disk. -This behaviour can be changed (for debugging purposes) by changing +This behaviour can be changed (for debugging purposes) by changing the .Li kern.nosuidcoredump .Xr sysctl 3 variable to the right settings.