I'm sure I'm missing something obvious here, but why can't tcpdump run
SUID root?
[root@dimebar sbin]# rpm -V tcpdump
[root@dimebar sbin]# ll tcpdump
-rwxr-xr-x 1 root root 225564 Feb 14 2001 tcpdump
[root@dimebar sbin]# chmod 4755 tcpdump
[root@dimebar sbin]# ll tcpdump
-rwsr-xr-x 1 root root 225564 Feb 14 2001 tcpdump
[root@dimebar sbin]# suspend
[prowlands@dimebar sbin]$ ./tcpdump
tcpdump: socket: Operation not permitted
[prowlands@dimebar sbin]$ uname -a
Linux dimebar 2.4.3-12 #1 Fri Jun 8 15:05:56 EDT 2001 i686 unknown
Something to do with capabilities? I can't find anything special about
sendmail and traceroute, but SUID root seems to work for them.
Cheers,
Phil
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
