Post by Ravi Pokala
By default, a process that changes user or group credentials
whether real or effective will not create a corefile.
This behaviour can be changed to generate a core dump by setting the sysctl(8) variable kern.sugid_coredump to 1.
Can someone explain why?
Real/effective user/group id often are changed for a process started
by non-privilegied user running set[ug]id binary like csh/chpass/passwd(1)
that can read sensitive system data similar to /etc/master.passwd
containing password hashes. If such utility reads sensitive data
and then crashes due to a bug, its coredump may leak data to unexpected places
of file system like /home partition, then go to a dump/backup of file system,
get uploaded offsite as part of backup etc. That should not happen by default.