Euid/egid is typically used to run untrusted code provided by a user as that user. If the kernel would dump core as root then it could be possible for the user to trig core files to be written as root in directories (s)he doesn't have access to. If the kernel would dump core as the user then (s)he could trig a coredump to get access to sensitive data that the process holds in memory.
The kernel has a flag that enables coredumps which is cleared when seteuid et al are called. If you're using a sufficiently recent Pike (be it 7.2, 7.4 or 7.5), you can use system.dumpable() or System.dumpable() to reenable the flag. We added that function in early March this year.
/ Martin Stjernholm, Roxen IS
Previous text:
2003-09-15 10:28: Subject: Re: Catching segfault
Martin Stjernholm, Roxen IS @ Pike developers forum wrote:
Are you changing the effective user or group? In that case you won't get coredumps since they would be a theoretical security problem.
Yes I am. But why this would be a theoretical security problem ?
-- David Gourdelier
/ Brevbäraren