>>>>> "Torsten" == Torsten Landschoff <[EMAIL PROTECTED]> writes:
Torsten> What do you think? I wanted to attach a simple patch but since fopen is
Torsten> used for opening the file and since there is a windows port of libpcap
Torsten> it is not quite that easy. One could as well invoke umask in tcpdump's
Torsten> main if available.
I suggest:
#if UNIX
if(getuid()==0 || geteuid()!=getuid()) { /* or some other appropriate
variation*/
umask(022);
}
#endif
I think that if one controls dumping via modes on a file in /dev, so that
mortals can tcpdump without setuid if they wish, then the file should observe
the user's umask.
] Train travel features AC outlets with no take-off restrictions|gigabit is no[
] Michael Richardson, Solidum Systems Oh where, oh where has|problem with[
] [EMAIL PROTECTED] www.solidum.com the little fishy gone?|PAX.port 1100[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
