From: Christian Brauner <brauner@xxxxxxxxxx>
Date: Mon, 5 May 2025 16:06:40 +0200
> On Mon, May 05, 2025 at 03:08:07PM +0200, Jann Horn wrote:
> > On Mon, May 5, 2025 at 1:14 PM Christian Brauner <brauner@xxxxxxxxxx> wrote:
> > > Make sure that only tasks that actually coredumped may connect to the
> > > coredump socket. This restriction may be loosened later in case
> > > userspace processes would like to use it to generate their own
> > > coredumps. Though it'd be wiser if userspace just exposed a separate
> > > socket for that.
> >
> > This implementation kinda feels a bit fragile to me... I wonder if we
> > could instead have a flag inside the af_unix client socket that says
> > "this is a special client socket for coredumping".
>
> Should be easily doable with a sock_flag().

This restriction should be applied by BPF LSM.

It's hard to loosen such a default restriction as someone might
argue that's unexpected and a regression.