Bug 49635 - PATCH: tcpdump to drop root by default
Summary: PATCH: tcpdump to drop root by default
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Raw Hide
Classification: Retired
Component: tcpdump   
(Show other bugs)
Version: 1.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact:
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-07-22 11:55 UTC by Pekka Savola
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-09-04 09:37:08 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
drop root by default (1.75 KB, patch)
2001-07-22 11:56 UTC, Pekka Savola
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2001:089 normal SHIPPED_LIVE : Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x 2001-06-28 04:00:00 UTC

Description Pekka Savola 2001-07-22 11:55:53 UTC
Due to security considerations, it might be a good idea drop root 
by default as 'pcap' user is being added for arpwatch anyway as "-U user" is rather
clumsy to use.

add autoheader, configure --with-user=pcap and there you go :-)

Naturally requires some basic username hacking in the src.rpm
(potential problem: both arpwatch and tcpdump require pcap user;
 solution: make arpwatch require tcpdump >= 3.6.2-7 or the like)

Comment 1 Pekka Savola 2001-07-22 11:56:30 UTC
Created attachment 24490 [details]
drop root by default

Comment 2 Harald Hoyer 2001-07-26 11:16:24 UTC
Question: Why can't we use nobody as a user, or does tcpdump need to write 
anything?


Comment 3 Harald Hoyer 2001-07-26 11:19:09 UTC
I think this would break all scripts that have:
tcpdump -w file
cause it is not assured, that user 'pcap' or any other default user has write 
access to 'file'.
Or we disable the droproot, if -w is specified.. Comments?


Comment 4 Pekka Savola 2001-07-26 11:30:31 UTC
nobody is used for dropping root the most often, so if the uid=nobody is
compromised,
the damage might spread too far.  With pcap, this would probably be more
contained.

Writing and reading files work because the patch is made so the dropping of
privileges is
only done after opening/creating the files.

Comment 5 Harald Hoyer 2001-09-04 09:24:21 UTC
tcpdump-3.6.2-9


Comment 6 Harald Hoyer 2001-09-04 09:25:52 UTC
oops... was, the drop by default ... hmm, not yet :)


Comment 7 Pekka Savola 2001-09-04 09:37:03 UTC
No big hurry with this I think.

Comment 8 Harald Hoyer 2002-01-17 15:25:36 UTC
should be fixed in 3.6.2-10 or newer



Note You need to log in before you can comment on or make changes to this bug.