2

Is there a way to specify the core dumped file permissions?

When I use sysctl these are the variables I see.

kern.corefile: /var/coredump/%N.core kern.nodump_coredump: 0 kern.coredump: 1 kern.capmode_coredump: 0 kern.sugid_coredump: 1 debug.ncores: 5 debug.elf32_legacy_coredump: 0 debug.elf64_legacy_coredump: 0

These are all configured to properly dump cores into the /var/coredump directory. However, I don't see any way to specify the permissions of the file.

Off the top of my head, I can run a script via root's crontab to change the permissions on that directory every 1m. However, that doesn't seem like a proper solution.

Is there a way to properly change the core file permissions?

Improve this question
2
  • You can edit and recompile the kernel. In 10.3, the code is in kern/kern_sig.c. Look for cmode = S_IRUSR | S_IWUSR;. Commented Jun 19, 2017 at 20:41
  • @MarkPlotnick thanks for the tip. A sysctl variable would definitely have been easier, but that should work. If you submit as an Answer I can check your answer off (once I compile and verify later this morning). Commented Jun 20, 2017 at 12:00

1 Answer 1

Reset to default
3

At the present time, the kernel will always create a core file with 0600 permissions; it's hard-coded in the C source.

If you can rebuild your kernel, the line to change is in kern/kern_sig.c (in 10.3 and 11.0), in the function corefile_open():

cmode = S_IRUSR | S_IWUSR;
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.