On Feb 15, 2014, at 1:44 PM, Michael Richardson <m...@sandelman.ca> wrote:
> where do those headers come from? Would it make sense to just include > those headers with libpcap? That way netmap would always be available. There's "netmap", which is available only if the kernel includes netmap support; as long as all systems with a kernel with netmap also provide the headers (at least if you have a "developer package" for the OS installed if necessary), the headers aren't an issue for the availability of netmap. There's also "netmap support in libpcap", which would only be available if the headers are available on the system on which libpcap is built; that's also the case for some other OS features libpcap can use. If the OS kernel doesn't include netmap support by default, and we want the user to be able to add it to the kernel *and* have libpcap automatically be able to use it without having to rebuild libpcap, the headers *are* an issue. > Are there any issues if someone makes tcpdump (or wireshark, or some other > libpcap using program) setuid? (I don't see any call to popen()...) (I.e., is there any code in the netmap support that could be tricked into doing Bad Things, including handing off privileges to arbitrary programs if the program using libpcap is privileged?) _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
