[PATCH] do_notify_parent_cldstop() cleanup

[linux-2.6] / Documentation / sysctl / kernel.txt

diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt
index 35159176997b636d561c441fb974fe241a1c8bc6..9f11d36a8c109a82e928ace49c4394e19ca2d8e2 100644 (file)
--- a/Documentation/sysctl/kernel.txt
+++ b/Documentation/sysctl/kernel.txt
@@ -49,6 +49,7 @@ show up in /proc/sys/kernel:
 - shmmax                      [ sysv ipc ]
 - shmmni
 - stop-a                      [ SPARC only ]
+- suid_dumpable
 - sysrq                       ==> Documentation/sysrq.txt
 - tainted
 - threads-max
@@ -300,6 +301,25 @@ kernel.  This value defaults to SHMMAX.
 
 ==============================================================
 
+suid_dumpable:
+
+This value can be used to query and set the core dump mode for setuid
+or otherwise protected/tainted binaries. The modes are
+
+0 - (default) - traditional behaviour. Any process which has changed
+       privilege levels or is execute only will not be dumped
+1 - (debug) - all processes dump core when possible. The core dump is
+       owned by the current user and no security is applied. This is
+       intended for system debugging situations only. Ptrace is unchecked.
+2 - (suidsafe) - any binary which normally would not be dumped is dumped
+       readable by root only. This allows the end user to remove
+       such a dump but not access it directly. For security reasons
+       core dumps in this mode will not overwrite one another or
+       other files. This mode is appropriate when adminstrators are
+       attempting to debug problems in a normal environment.
+
+==============================================================
+
 tainted: 
 
 Non-zero if the kernel has been tainted.  Numeric values, which