Snort mailing list archives
Re: non-root user cannot run snort
From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 27 Jan 2004 13:38:38 -0500
At 08:09 AM 1/27/2004, Robert Storey wrote:
It's funny that the Snort users manual makes no mention of this issue. I think I will write the authors and suggest that it be included.
Quite frankly, it should be *obvious* that snort can't be directly executed by a non-root user....
if a non-root user could start snort, that user could VERY easily compromise the entire machine as a root user.
Not to be rude, but anyone who runs snort really should have enough background in security to understand why non-root users can't be allowed to initiate sniffing interfaces. This is VERY basic security stuff. Along the lines of "don't make your password file world-writable".
hint: if a non-root user can sniff interfaces, they can sniff them for login passwords (if non-encrypted protocols are used), engage in session hijacking, data injection, etc. It would be relatively easy to gain the privileges of other users this way.
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- non-root user cannot run snort Robert Storey (Jan 26)
- Re: non-root user cannot run snort Edin Dizdarevic (Jan 26)
- Re: non-root user cannot run snort Erwin Van de Velde (Jan 26)
- Re: non-root user cannot run snort d_greenjr (Jan 26)
- Re: non-root user cannot run snort Robert Storey (Jan 27)
- Re: non-root user cannot run snort Robert Storey (Jan 27)
- Re: non-root user cannot run snort Matt Kettler (Jan 27)
- Re: non-root user cannot run snort Robert Storey (Jan 27)
- Re: non-root user cannot run snort Edin Dizdarevic (Jan 29)
- Re: non-root user cannot run snort Edin Dizdarevic (Jan 27)
- Re: non-root user cannot run snort Matt Kettler (Jan 27)
- Re: non-root user cannot run snort Brian (Jan 31)
- <Possible follow-ups>
- RE: non-root user cannot run snort Grime, Richard S (Jan 26)
- location to download barnyard samwun (Jan 26)