On Thu, 2 Sep 2004, Patrick Finnegan wrote:
<snip>
>
> Under the 2.6 linux kernel, you should be able to use capabilities to
> effect the same result, without opening up the entire "running a
> process as root" bag of worms. Just don't ask me how, as I've never
> used them yet, I just know that they are (should be) there.

Judging by the includes, it looks like there's a CAP_NET_RAW that'll allow a
process to access PACKET sockets. However, as far as I can tell, you
still have to be root to initialize them, and you still end up dropping
your root privileges.

They're also a little Linux-specific for SIMH (imho); setuid(), setgid(), and
chroot() exist on most Unixes I know of. (Yes, allegedly capabilities are a
POSIX draft, but cap_init() & friends don't exist on Solaris, nor HPUX.)

I suppose the one advantage to capabilities would be that you could retain
your ability to attach/detach network devices once you've dropped your root
privileges.

The one Linux-specific bit of code I _DO_ intend to take a stab at is getting
rid of the promiscuous mode requirement. I figure adding an Ethernet
address to the MAC filter list w/ a promiscuous mode fallback is at least
slightly better.

But FWIW, I'll tidy up this patch and ship it off to Bob Supnik here in a few..

David

>
> Pat
> --
> Purdue University ITAP/RCS --- http://www.itap.purdue.edu/rcs/
> The Computer Refuge --- http://computer-refuge.org
>
Received on Thu Sep 02 2004 - 07:26:39 BST
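
The trade-off discussed in the message above (start as root, drop the uid, keep only CAP_NET_RAW so packet sockets can still be opened) looks like this on Linux. This is an added example, not part of the original post and not SIMH code; the function names and the uid/gid 65534 are assumptions.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <grp.h>
#include <linux/capability.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Build a capability set holding only `cap` (permitted + effective, not inheritable). */
static void only_cap(struct __user_cap_data_struct data[2], int cap)
{
    memset(data, 0, 2 * sizeof(data[0]));
    data[CAP_TO_INDEX(cap)].permitted = CAP_TO_MASK(cap);
    data[CAP_TO_INDEX(cap)].effective = CAP_TO_MASK(cap);
}

/* Start as root, end as uid/gid holding nothing but CAP_NET_RAW. Returns 0 or -1. */
static int drop_root_keep_net_raw(uid_t uid, gid_t gid)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];

    if (geteuid() != 0)
        return -1;                      /* must begin as root */
    if (prctl(PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L) != 0)
        return -1;                      /* keep the permitted set across setuid() */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    only_cap(data, CAP_NET_RAW);
    /* setuid() cleared the effective set; re-raise CAP_NET_RAW and discard the rest. */
    if (syscall(SYS_capset, &hdr, data) != 0)
        return -1;
    if (setuid(0) == 0)
        return -1;                      /* root must not be recoverable */
    return 0;
}

int main(void)
{
    /* 65534 (commonly "nobody") is an assumed unprivileged uid/gid. */
    if (drop_root_keep_net_raw(65534, 65534) != 0) {
        fprintf(stderr, "privilege drop failed; refusing to continue\n");
        return 1;
    }
    printf("uid=%d, only CAP_NET_RAW retained\n", (int)getuid());
    return 0;
}
```

The raw capset syscall is used instead of libcap's cap_init() family so the block builds with kernel headers alone; on platforms without Linux capabilities, the setuid()/setgid()/chroot() path mentioned in the message remains the portable option.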