On Mon, Jul 15, 2002 at 04:52:25PM -0600, Dalin S. Owen wrote: > > Hello tcpdump/pcap people. :) > > An option to setuid/setgid tcpdump after it has attached to /dev/bpf? would be > nice. "-u" + "-g" options perhaps.
Actually, if you have "/dev/bpf?", you probably don't need that option, unless you want to require people to use only your tcpdump binary to do sniffing, as you can give the appropriate users read access to "/dev/bpf?". (You don't have to give them write access, so you can keep them from sending out raw frames.) That might require defining a group for capture privileges, if you want to give more than one user those privileges. (That may change in FreeBSD 5.0, as you could just add an ACL to the BPF devices and give individual users access.) It's platforms where you *don't* have "/dev/bpf?" that are an issue (although Digital UNIX also lets you give non-root users capture privileges on particular devices, and if Linux distributions had the right userland support you could grant particular users privileges to capture and send raw packets - you can't give capture privileges without send privileges, however). - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
