On Mon, 23 Feb 2004, Jefferson Ogata wrote: > > Ok, I've tested that this works at least with Linux. The attached > > patch moves dropping privileges a bit earlier. > > Isn't all that stuff just for running tcpdump setuid? Am I missing something? I > though someone was talking about privilege separation.
No, this is about running tcpdump without setuid as well. If setuid is used, the tcpdump has always switched to the real uid/gid (AFAIR). These modifications have changed the behaviour so that even if tcpdump is not setuid/setgid, it will drop the root privileges to only use specified username. > You know after all that discussion on this topic last month, Andrew Pimlott came > up with a patch to do a chroot/setuid that no one has commented on, AFAIK. Maybe > it's worth looking at...? Current tcpdump already implements everything except chroot AFAIK. Chroot would probably be a bit more difficult, because it might be difficult to agree to a directory to chroot to; there would have to be a command-line/compile-time toggle -- and when reading/writing capture files, you'd have to do some file descriptor passing tricks etc. I'm not personally sure whether it's worth it. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
