tcpdump mailing list archives
Re: why doesn't tcpdump drop privileges?
From: Andrew Pimlott <andrew () pimlott net>
Date: Wed, 21 Jan 2004 11:04:21 -0500
On Wed, Jan 21, 2004 at 08:05:27AM +0200, Pekka Savola wrote:
As for why I went for "pcap" instead of nobody in the first place.. Red Hat bundles tcpdump with arpwatch, which I also coded to drop root privileges. Picking a specific user name for these two purposes seemed only logical. (Arpwatch has to maintain a couple of files owned by 'pcap' as well.)
I agree that picking a new user for this purpose is a sound choice. However, if this user owns files (especially ones that might be run or otherwise used by root), it seems to defeat the purpose. Andrew - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Re: why doesn't tcpdump drop privileges?, (continued)
- Re: why doesn't tcpdump drop privileges? Jefferson Ogata (Jan 20)
- Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 21)
- Re: why doesn't tcpdump drop privileges? Jefferson Ogata (Jan 21)
- Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 23)
- Re: why doesn't tcpdump drop privileges? Ryan Mooney (Jan 21)
- Re: why doesn't tcpdump drop privileges? Jefferson Ogata (Jan 21)
- Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 20)
- Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 20)
- Re: why doesn't tcpdump drop privileges? Pekka Savola (Jan 20)
- Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 21)
- Re: why doesn't tcpdump drop privileges? Pekka Savola (Jan 21)
- Re: why doesn't tcpdump drop privileges? Hannes Gredler (Jan 24)