mån 2010-06-21 klockan 21:52 +0100 skrev Andrew Beverley: > I have done some initial scoping, but have discovered that in order to > mark a packet using setsockopt(), the process needs to be run as root.
Are you sure it needs root and not just a suitable capability flag? From what I can tel CAP_NET_ADMIN is sufficient. Most things are protected by capability flags these days, not by uid==0. Regards Henrik
