Comment 7 for bug 1242435

> Indeed most of /proc/<pid>/* are owned by root:root in this case, and "status" shows euid=0. I agree that we should make the .crash file owned by the effective instead of real UID.

Correction: ping drops its euid back to the calling user right after program start, so this does not actually affect a setuid program which keeps root privileges. For those, reports are owned by "root" already as they should.

So this only affects suid programs which switch back to the user; for ping, /proc/pid/status shows that real and effective uid are "1000" (or whichever user called it), just the saved uid is 0, i. e. ping uses setresuid(n, n, -1) instead of dropping the possibility of ever going back (setuid(n)).

So the impact of this is actually quite low.