Dumping core file from set-UID, set-GID 'ed processes in Linux
Lately I was encountering segmentation fault with one of our processes
and found that it was not dumping core file even though we asked it by
ulimit setting. It was set-UIDed root. Then I
discovered that the default behavior of set-UID, set-GID processes is
not to dump core unless explicitly asked by
prctl(2). In order to
dump core, the following has to be done.
prctl( PR_SET_DUMPABLE, 1 );
I haven't dealt a lot with set-UIDed processes. This was a valuable information to be leaned. Here is more information about this option.
PR_SET_DUMPABLE (Since Linux 2.3.20) Set the state of the flag determining whether core dumps are produced for this process upon delivery of a signal whose default behavior is to produce a core dump. (Normally this flag is set for a process by default, but it is cleared when a set-user-ID or set-group-ID program is executed and also by various system calls that manipulate process UIDs and GIDs). In kernels up to and including 2.6.12, arg2 must be either 0 (process is not dumpable) or 1 (process is dumpable). Between kernels 2.6.13 and 2.6.17, the value 2 was also permit‐ ted, which caused any binary which normally would not be dumped to be dumped readable by root only; for security reasons, this feature has been removed. (See also the description of /proc/sys/fs/suid_dumpable in proc(5).)