1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
.\" Copyright 2002, 2006, 2008, 2012, 2013, 2015, Michael Kerrisk <mtk.manpages@gmail.com>
.\" Copyright 2024, Alejandro Colomar <alx@kernel.org>
.\"
.\" SPDX-License-Identifier: Linux-man-pages-copyleft
.\"
.TH PR_SET_DUMPABLE 2const 2024-06-02 "Linux man-pages (unreleased)"
.SH NAME
PR_SET_DUMPABLE
\-
set the "dumpable" attribute of the calling process
.SH LIBRARY
Standard C library
.RI ( libc ", " \-lc )
.SH SYNOPSIS
.nf
.BR "#include <linux/prctl.h>" " /* Definition of " PR_* " constants */"
.B #include <sys/prctl.h>
.P
.BI "int prctl(PR_SET_DUMPABLE, long " dumpable );
.fi
.SH DESCRIPTION
Set the state of the "dumpable" attribute,
which determines whether core dumps are produced for the calling process
upon delivery of a signal whose default behavior is to produce a core dump.
.P
.I dumpable
must be either
.B 0L
.RB ( SUID_DUMP_DISABLE ,
process is not dumpable) or
.B 1L
.RB ( SUID_DUMP_USER ,
process is dumpable).
.P
Normally, the "dumpable" attribute is set to 1.
However, it is reset to the current value contained in the file
.I /proc/sys/fs/\:suid_dumpable
(which by default has the value 0),
in the following circumstances:
.\" See kernel/cred.c::commit_creds() (Linux 3.18 sources)
.IP \[bu] 3
The process's effective user or group ID is changed.
.IP \[bu]
The process's filesystem user or group ID is changed (see
.BR credentials (7)).
.IP \[bu]
The process executes
.RB ( execve (2))
a set-user-ID or set-group-ID program, resulting in a change
of either the effective user ID or the effective group ID.
.IP \[bu]
The process executes
.RB ( execve (2))
a program that has file capabilities (see
.BR capabilities (7)),
.\" See kernel/cred.c::commit_creds()
but only if the permitted capabilities
gained exceed those already permitted for the process.
.\" Also certain namespace operations;
.P
Processes that are not dumpable can not be attached via
.BR ptrace (2)
.BR PTRACE_ATTACH ;
see
.BR ptrace (2)
for further details.
.P
If a process is not dumpable,
the ownership of files in the process's
.IR /proc/ pid
directory is affected as described in
.BR proc_pid (5).
.SH RETURN VALUE
On success,
0 is returned.
On error, \-1 is returned, and
.I errno
is set to indicate the error.
.SH ERRORS
.TP
.B EINVAL
.I arg2
is neither
.B SUID_DUMP_DISABLE
nor
.BR SUID_DUMP_USER .
.SH FILES
.TP
.I /proc/sys/fs/\:suid_dumpable
.TP
.IR /proc/ pid /
.SH STANDARDS
Linux.
.SH HISTORY
Linux 2.3.20.
.P
Between Linux 2.6.13 and Linux 2.6.17,
.\" commit abf75a5033d4da7b8a7e92321d74021d1fcfb502
the value
.B 2L
was also permitted,
which caused any binary which normally would not be dumped
to be dumped readable by root only;
for security reasons, this feature has been removed.
.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2
.\" Subject: Fix prctl privilege escalation (CVE-2006-2451)
.\" From: Marcel Holtmann <marcel () holtmann ! org>
.\" Date: 2006-07-12 11:12:00
(See also the description of
.I /proc/sys/fs/\:suid_dumpable
in
.BR proc_sys_fs (5).)
.SH SEE ALSO
.BR prctl (2),
.BR PR_SET_DUMPABLE (2const)
|
