Praveen's Blog

An Eternal Quest for Incremental Improvement

Dumping core file from set-UID, set-GID 'ed processes in Solaris

I had a previous post on how to turn on core files for set-UID, set-GID processes under Linux. Recently we ran into the same problem on Solaris. To turn on core files for set-id processes, use coreadm.

$ pfexec coreadm -e global-setid

Please keep in mind that these core files can have information that non-privileged user isn't supposed to know. Quoting from Solaris man page:

A process that is or ever has been setuid or setgid since its last
exec(2) presents security issues that relate to dumping
core. Similarly, a process that initially had superuser privileges and
lost those privileges through setuid(2) also presents security issues
that are related to dumping core. A process of either type can contain
sensitive information in its address space to which the current
nonprivileged owner of the process should not have access. If setid
core files are enabled, they are created mode 600 and owned by the