Bug 49635
Summary: | PATCH: tcpdump to drop root by default | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Raw Hide | Reporter: | Pekka Savola <pekkas> | ||||
Component: | tcpdump | Assignee: | Harald Hoyer <harald> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 1.0 | Keywords: | FutureFeature | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Enhancement | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2001-09-04 09:37:08 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Pekka Savola
2001-07-22 11:55:53 UTC
Created attachment 24490 [details]
drop root by default
Question: Why can't we use nobody as a user, or does tcpdump need to write anything? I think this would break all scripts that have: tcpdump -w file cause it is not assured, that user 'pcap' or any other default user has write access to 'file'. Or we disable the droproot, if -w is specified.. Comments? nobody is used for dropping root the most often, so if the uid=nobody is compromised, the damage might spread too far. With pcap, this would probably be more contained. Writing and reading files work because the patch is made so the dropping of privileges is only done after opening/creating the files. tcpdump-3.6.2-9 oops... was, the drop by default ... hmm, not yet :) No big hurry with this I think. should be fixed in 3.6.2-10 or newer |