Hi Marcos,
I'm the upstream author.
I broadly agree with Sven, and think that it's best to build with libcap
capabilities support if possible because it increases security.
arp-scan's needs are similar to ping: the only capability it needs on Linux
is CAP_NET_RAW, and it only needs to enable
Hi Sven,
Thanks for your report!
arp-scan is an admin command. It is installed (by default) in
/usr/sbin/, this directory is not in the $PATH of a normal user.
Personally, I don't think it's a good idea for a non-privileged user to
execute administrator commands, although it's a matter of
Package: arp-scan
Version: 1.10.0-1
Severity: normal
Reading the NEWS.md file, it seems that arp-scan should be built with
POSIX.1e capabilities support on Linux. Probably you want to add
libcap-dev to Build-Depends (on Linux architectures) and try
"setcap cap_net_raw+p /usr/sbin/arp-scan" in
3 matches
Mail list logo
