jatipper@vnet.IBM.COM says: > Can someone please explain what the security implications are if a > program results in a coredump? I have discovered several programs here on > my machines that can result in these. How could an intruder use these to > gain access? What are the best ways of combatting this? Any suid program that dumps core is a candidate for security holes for several reasons. 1) The core file itself may contain privileged information that should not be available to the user. (Many versions of unix will not allow suid programs to leave core files for this and other reasons.) 2) The core file indicates that there is some data driven way to get the program to misbehave. Often, that means that if I can only set the parameters to the program properly with careful study, I can manage to get it to overwrite key memory locations and allow me to break security. The recent sendmail debug flag bug wes of this form. Perry