On Wed, Sep 23, 2009 at 10:30:10PM +0200, Arnout Engelen wrote:
>
> On Wed, Sep 23, 2009 at 03:08:17PM -0400, Jeffrey Sheinberg wrote:
> > Nethogs refuses to run from a non-root user under super (an suid root
> > program), it also refuses to run as a non-root user if it is set suid
> > root directly.
>
> There is a compile-time 'NEEDROOT' option in nethogs.h which turns off the
> (indeed crude) root check on startup.
>
> When set to false and run as an unprivileged user, it seems to fail fairly
> elegantly with a
>
> creating socket failed while establishing local IP - are you root?
>
> I can't really remember why we're checking for root at all. Unless I think of
> something, I'd say NEEDROOT can at least be set to false by default, or
> (better yet, I guess) the check can be removed from the code entirely.
>
I wouldn't remove the check, it is nicer for the user to get a
meaningful error message 'You need to be root to run NetHogs', rather
than one she doesn't understand, like 'creating socket failed...'.
I can take a guess and what's going on here is that nethogs calls
getuid() instead of calling geteuid(). Try 'man getuid' for some
skimpy details.
Better yet, there is a book "Advanced Programming in the Unix
Environment", by W. R. Stevens - it is a classic, now in its second
addition (last time I looked). I have the first edition, here are
some references that clarify setuid programs,
1. Section 8.10 Changing User Ids & Group Ids
p. 213
2. Section 4.4 Set-User-Id and Set-Group-Id
p. 77
3. Section 8.2 Process Identification
p. 188
Thanks,
--
Jeffrey Sheinberg
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
