Re: Strange system() problem with snort

["Mark Wormgoor" <mark () wormgoor com>]

Hi,

> On Sun, Dec 30, 2001 at 10:59:52AM +0100, Mark Wormgoor wrote:
> > I have a small problem with starting snort from another program.  I'm
> > running snort 1.8.3 (from RPM) on a Redhat 7.2 based system.
> > When I start snort from the command line, it will start just fine:
> > /usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -z
>
> running snort non-root , while I nice idea, turns out to be a problem. I
had this same problem with my Demarc/Snort installation. I can't remember
the specific internal problems, but this stems from your other program not
having access to the pcap device, something along those lines...
> running snort as root, really doesn't hurt that much either ;)

Well, I managed to solve the problem myself.  Snort is started from a setuid
program.  Therefor, stdin and stdout were closed before the system call to
start snort.  Older versions of snort had no problems with this (1.8.1 for
example).
I have changed the program to reopen stdin from /dev/zero and stdout to
/dev/null and my problem is solved :)

Kind regards,

        Mark Wormgoor



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users