/usr/lib/corekeeper/dump is in corekeeper 1.5.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 | #!/bin/sh
# Copyright 2013 Paul Wise <pabs@debian.org>
#
# Permission to use, copy, modify, and/or distribute this software for
# any purpose with or without fee is hereby granted, provided that the
# above copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND I DISCLAIM ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL I BE LIABLE FOR ANY
# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# corekeeper dump adds some extra privacy on Linux multi-user systems
# by putting core files into per-user directories. This is needed
# because Linux does not create directories when dumping core files
# and it is apparently painful to do that from within Linux.
#
# Thanks for the security audit go to Kees Cook <kees@debian.org>!
set -e
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi
# Check how many arguments the kernel sent us.
if [ $# -eq 2 ] ; then
# Awww, old kernel that does not support %d
# Cannot set the core file owner safely, use root
# See v3.6-6800-g12a2b4b in linux.git for more info
uid="$1"
core="$2"
owner="0"
elif [ $# -eq 3 ] ; then
# Yay! A kernel that does support %d
uid="$2"
core="$3"
owner="$2"
# Set the core file owner safely
if [ $1 -eq 2 ] ; then
owner="0"
fi
else
# Something is majorly broken.
echo "This script should be run with three arguments and a core file on stdin" 1>&2
exit 1
fi
# The exclamation marks are shell metacharacters
core="$(echo "$core" | tr '!' '-')"
umask 0077
mkdir -p "/var/crash/$owner"
chown "$owner" "/var/crash/$owner"
owner="$owner" core="$core" \
su -s /bin/sh -c '/bin/cat > /var/crash/"$owner"/"$core"' \
"$(getent passwd "$owner" | cut -d: -f1)"
|