Comment 8 for bug 1242435
Revision history for this message
| Martin Carpenter (a-mcarpenter) wrote | #8 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
Martin, I came here via ssh-keysign(8): the private host key is exposed in the resulting core file (as written out by apport). There are bound to be other suid applications that drop privileges in this way. This is, after all, the sane thing for an application to do. I don't think you can therefore claim that his has low impact.
Marc, I was already surprised to see the b64'd core file in the crash report. Although this is noted in the pop-up and apport wiki I don't think the claimed mitigations ("we ask the user and treat the data carefully") are adequate (in particular for a desktop OS aimed at the non-technical user). That those crashes might contain other users' data via setuid does not improve the situation(!) so I don't think suid_dumpable=2 is a justifiable default.