On Sat, 1 Mar 2025 16:03:17 +0800 (GMT+08:00) 范星宇 <[email protected]> wrote:
> Hello, > > The attached patch is to delete the judgment of whether it is the root user > when using "traceroute -s".When we use "traceroute -s" command as a non-root > regular user, a "you must be root" error occurs due to the validation of > whether getuid() is equal to 0. Even if CAP_NET_RAW permission is configured > by "setcap cap_net_raw+ep /bin/busybox", non-root users cannot use > "traceroute -s" as well. We consider that finer grained permission control > can be achieved through the capabilities(CAP) mechanism, rather than directly > verifying whether it is a root user.Kindly check the patch. > > > --- > *** 1070,1077 **** > > > #else > > > len_and_sockaddr *source_lsa = xdotted2sockaddr(source, 0); > > #endif > > - if (getuid() != 0) > > - bb_simple_error_msg_and_die(bb_msg_you_must_be_root); > > /* Ping4 does this (why?) */ > > if (af == AF_INET) > > if (setsockopt(sndsock, IPPROTO_IP, IP_MULTICAST_IF, > > --- 1070,1075 ---- > > > Thanks & Regards, > Xingyu Fan > > > | | > 范星宇 > | > | > [email protected] > | Hi, couldn't you check if the capability is available? Busybox has some facilities for that in libbb/capability.c. Take a look at it , hope this helps. Ciao, Tito _______________________________________________ busybox mailing list [email protected] https://lists.busybox.net/mailman/listinfo/busybox
