summaryrefslogtreecommitdiffstats
path: root/Documentation/sysctl/fs.txt
diff options
context:
space:
mode:
authorDave Jones <davej@redhat.com>2006-09-05 23:16:33 +0200
committerDave Jones <davej@redhat.com>2006-09-05 23:16:33 +0200
commit23e735bc7b0e1d614656881794257b4224efda3a (patch)
treed9523b531156fedb204e31b4612519b0a7a003e7 /Documentation/sysctl/fs.txt
parent[CPUFREQ] Fix sparse warning in ondemand (diff)
parentLinux 2.6.18-rc6 (diff)
downloadlinux-23e735bc7b0e1d614656881794257b4224efda3a.tar.xz
linux-23e735bc7b0e1d614656881794257b4224efda3a.zip
Merge ../linus
Diffstat (limited to 'Documentation/sysctl/fs.txt')
-rw-r--r--Documentation/sysctl/fs.txt20
1 files changed, 20 insertions, 0 deletions
diff --git a/Documentation/sysctl/fs.txt b/Documentation/sysctl/fs.txt
index 0b62c62142cf..5c3a51905969 100644
--- a/Documentation/sysctl/fs.txt
+++ b/Documentation/sysctl/fs.txt
@@ -25,6 +25,7 @@ Currently, these files are in /proc/sys/fs:
- inode-state
- overflowuid
- overflowgid
+- suid_dumpable
- super-max
- super-nr
@@ -131,6 +132,25 @@ The default is 65534.
==============================================================
+suid_dumpable:
+
+This value can be used to query and set the core dump mode for setuid
+or otherwise protected/tainted binaries. The modes are
+
+0 - (default) - traditional behaviour. Any process which has changed
+ privilege levels or is execute only will not be dumped
+1 - (debug) - all processes dump core when possible. The core dump is
+ owned by the current user and no security is applied. This is
+ intended for system debugging situations only. Ptrace is unchecked.
+2 - (suidsafe) - any binary which normally would not be dumped is dumped
+ readable by root only. This allows the end user to remove
+ such a dump but not access it directly. For security reasons
+ core dumps in this mode will not overwrite one another or
+ other files. This mode is appropriate when adminstrators are
+ attempting to debug problems in a normal environment.
+
+==============================================================
+
super-max & super-nr:
These numbers control the maximum number of superblocks, and