Re: writing to kernel memory from a auth'ed program or other approaches to solving this prob?



Chris Markle wrote:
>
> Folks,
>
> We have a customer running RH Ent Linux 3 (2.4-kernel based). Our
> application runs as root and setuid's to a runtime user. Linux is not so
> inclined to generate a core dump for this type of app. We know about
> core-setuid-ok in /proc/sys/kernel, but that seems to not be working in
> this case to get core dumps. So we'd like to figure out how to get a
> core at this existing customer without doing things like shipping him
> new Linux or messy things of that ilk.
>
> One thought I had was why not figure out how to set the dumpable flag in
> the pid's task structure like prctl(PR_SET_DUMPABLE) would do. This has
> led me into a whole romp through Linux trying to figure out how to
> access kernel memory so I could set (obviously with a root program) this
> freakin' bit. So far I have not figured out how to do this.
>
> - Can one write to the kernel in Linux like you can do in Solaris with
> kvm_xxx() routines?
> - If one could, any ideas how I could find the address of the
> task_structure for an arbitrary pid?
> - Any other ideas of how I could do this?
>
> It would be nice if we could just write, test, and send the customer a
> program and just say "run this and we'll finally be able to get a core
> file"...
>
> Chris

I think this may help you:
http://www.daimi.au.dk/~kasperd/comp.os.linux.development.faq.html#suidcore

But you should also take a look at:
http://www.daimi.au.dk/~kasperd/comp.os.linux.development.faq.html#core
http://www.daimi.au.dk/~kasperd/comp.os.linux.development.faq.html#sigabrt

--
Kasper Dupont
Note to self: Don't try to allocate
256000 pages with GFP_KERNEL on x86.
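
Added example, not part of either post or of the linked FAQ: what prctl(PR_SET_DUMPABLE), named in the question, looks like when the application itself calls it right after its setuid() to the runtime user. It assumes the application source can be changed; the function names enable_core_dumps and drop_privileges_keep_dumpable are hypothetical.

```c
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <unistd.h>

/* Raise the soft core-size limit to the hard limit and mark the process
 * dumpable again. Returns the resulting PR_GET_DUMPABLE value (1 on
 * success) or -1 on error. */
int enable_core_dumps(void)
{
    struct rlimit rl;

    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    rl.rlim_cur = rl.rlim_max;          /* soft limit may go up to hard */
    if (setrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* Hypothetical helper: switch from root to runtime_uid as the application
 * in the question does, then turn the dumpable flag back on. The kernel
 * clears that flag when the uid changes, which is why no core appears.
 * When not running as root the uid change is skipped. */
int drop_privileges_keep_dumpable(uid_t runtime_uid)
{
    if (geteuid() == 0 && setuid(runtime_uid) != 0)
        return -1;
    return enable_core_dumps();
}

int main(void)
{
    /* Constructed demo: clear the flag by hand to imitate the state after
     * a uid change, then restore it without needing root. */
    prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
    printf("dumpable before: %d\n", prctl(PR_GET_DUMPABLE, 0, 0, 0, 0));
    printf("dumpable after:  %d\n", drop_privileges_keep_dumpable(getuid()));
    return 0;
}
```

The kernel clears the flag because the process may still hold data it read while it was root, so any core written this way should land in a directory only trusted users can read.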