disable_coredump can be set to no on modern OSes without

security consequences.
2025-08-22 01:49:11 +00:00 · 2015-08-09 16:12:00 -06:00 · 2015-08-09 16:12:00 -06:00 · b2f1bbfb02
commit b2f1bbfb02
parent f1053af3b5
6 changed files with 32 additions and 20 deletions
--- a/doc/sudo.cat
+++ b/doc/sudo.cat
@ -459,9 +459,11 @@ SSEECCUURRIITTYY NNOOTTEESS

     To prevent the disclosure of potentially sensitive information, ssuuddoo
     disables core dumps by default while it is executing (they are re-enabled
-     for the command that is run).  To aid in debugging ssuuddoo crashes, you may
-     wish to re-enable core dumps by setting ``disable_coredump'' to false in
-     the sudo.conf(4) file as follows:
+     for the command that is run).  This historical practice dates from a time
+     when most operating systems allowed setuid processes to dump core by
+     default.  To aid in debugging ssuuddoo crashes, you may wish to re-enable
+     core dumps by setting ``disable_coredump'' to false in the sudo.conf(4)
+     file as follows:

           Set disable_coredump false

--- a/doc/sudo.conf.cat
+++ b/doc/sudo.conf.cat
@ -120,18 +120,20 @@ DDEESSCCRRIIPPTTIIOONN
     The ssuuddoo..ccoonnff file also supports the following front end settings:

     disable_coredump
-               Core dumps of ssuuddoo itself are disabled by default.  To aid in
+               Core dumps of ssuuddoo itself are disabled by default to prevent
+               the disclosure of potentially sensitive information.  To aid in
               debugging ssuuddoo crashes, you may wish to re-enable core dumps by
               setting ``disable_coredump'' to false in ssuuddoo..ccoonnff as follows:

                     Set disable_coredump false

-               Note that most operating systems disable core dumps from setuid
-               programs, including ssuuddoo.  To actually get a ssuuddoo core file you
-               will likely need to enable core dumps for setuid processes.  On
-               BSD and Linux systems this is accomplished in the sysctl
-               command.  On Solaris, the coreadm command is used to configure
-               core dump behavior.
+               All modern operating systems place restrictions on core dumps
+               from setuid processes like ssuuddoo so this option can be enabled
+               without compromising security.  To actually get a ssuuddoo core
+               file you will likely need to enable core dumps for setuid
+               processes.  On BSD and Linux systems this is accomplished in
+               the sysctl command.  On Solaris, the coreadm command is used to
+               configure core dump behavior.

               This setting is only available in ssuuddoo version 1.8.4 and
               higher.
--- a/doc/sudo.conf.man.in
+++ b/doc/sudo.conf.man.in
@ -265,7 +265,8 @@ file also supports the following front end settings:
 disable_coredump
 Core dumps of
 \fBsudo\fR
-itself are disabled by default.
+itself are disabled by default to prevent the disclosure of potentially
+sensitive information.
 To aid in debugging
 \fBsudo\fR
 crashes, you may wish to re-enable core dumps by setting
@ -281,9 +282,10 @@ Set disable_coredump false
 .fi
 .RS 10n
 .sp
-Note that most operating systems disable core dumps from setuid programs,
-including
-\fBsudo\fR.
+All modern operating systems place restrictions on core dumps
+from setuid processes like
+\fBsudo\fR
+so this option can be enabled without compromising security.
 To actually get a
 \fBsudo\fR
 core file you will likely need to enable core dumps for setuid processes.
--- a/doc/sudo.conf.mdoc.in
+++ b/doc/sudo.conf.mdoc.in
@ -14,7 +14,7 @@
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd December 4, 2014
+.Dd August 9, 2015
 .Dt SUDO @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@ -241,7 +241,8 @@ file also supports the following front end settings:
 .It disable_coredump
 Core dumps of
 .Nm sudo
-itself are disabled by default.
+itself are disabled by default to prevent the disclosure of potentially
+sensitive information.
 To aid in debugging
 .Nm sudo
 crashes, you may wish to re-enable core dumps by setting
@ -253,9 +254,10 @@ as follows:
 Set disable_coredump false
 .Ed
 .Pp
-Note that most operating systems disable core dumps from setuid programs,
-including
-.Nm sudo .
+All modern operating systems place restrictions on core dumps
+from setuid processes like
+.Nm sudo
+so this option can be enabled without compromising security.
 To actually get a
 .Nm sudo
 core file you will likely need to enable core dumps for setuid processes.
--- a/doc/sudo.man.in
+++ b/doc/sudo.man.in
@ -919,6 +919,8 @@ To prevent the disclosure of potentially sensitive information,
 \fBsudo\fR
 disables core dumps by default while it is executing (they are
 re-enabled for the command that is run).
+This historical practice dates from a time when most operating
+systems allowed setuid processes to dump core by default.
 To aid in debugging
 \fBsudo\fR
 crashes, you may wish to re-enable core dumps by setting
--- a/doc/sudo.mdoc.in
+++ b/doc/sudo.mdoc.in
@ -19,7 +19,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.Dd August 7, 2015
+.Dd August 9, 2015
 .Dt SUDO @mansectsu@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@ -854,6 +854,8 @@ To prevent the disclosure of potentially sensitive information,
 .Nm
 disables core dumps by default while it is executing (they are
 re-enabled for the command that is run).
+This historical practice dates from a time when most operating
+systems allowed setuid processes to dump core by default.
 To aid in debugging
 .Nm
 crashes, you may wish to re-enable core dumps by setting