tcpdump mailing list archives

Re: OpenBSD work on Tcpdump privilege separation

From: Jefferson Ogata <Jefferson.Ogata () noaa gov>
Date: Mon, 23 Feb 2004 04:42:26 -0500

Pekka Savola wrote:

On Sun, 22 Feb 2004, Pekka Savola wrote:
The current tcpdump just drops privileges before pretty much anythingis done. Now looking at the code, maybe the privilege separationcould be done even slightly earlier in the "pcap_open_live" branch,e.g., after pcap_open_live, but I haven't tested this. I guess itdepends on whether pcap_set_datalink, pcap_snapshot (this one mightbe dangerous with root!) or pcap_lookupnet requires root privileges.
This might be worth experimenting with.
Ok, I've tested that this works at least with Linux. The attachedpatch moves dropping privileges a bit earlier.

Isn't all that stuff just for running tcpdump setuid? Am I missing something? Ithough someone was talking about privilege separation.

You know after all that discussion on this topic last month, Andrew Pimlott cameup with a patch to do a chroot/setuid that no one has commented on, AFAIK. Maybeit's worth looking at...?


--
Jefferson Ogata <Jefferson.Ogata () noaa gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt () noaa gov>

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe

Current thread:

OpenBSD work on Tcpdump privilege separation Richard Bejtlich (Feb 21)
- Re: OpenBSD work on Tcpdump privilege separation Pekka Savola (Feb 21)
  - Re: OpenBSD work on Tcpdump privilege separation Guy Harris (Feb 22)
    - SIOCGIFCONF under Linux on Itanium in 32 bit compatibility mode Shaun (Feb 22)
    - Re: SIOCGIFCONF under Linux on Itanium in 32 bit compatibility mode Guy Harris (Feb 22)
    - Re: SIOCGIFCONF under Linux on Itanium in 32 bit compatibility mode Shaun (Feb 22)
    - Re: SIOCGIFCONF under Linux on Itanium in 32 bit compatibility mode Guy Harris (Feb 27)
    - Re: OpenBSD work on Tcpdump privilege separation Guy Harris (Feb 22)
  - Re: OpenBSD work on Tcpdump privilege separation Pekka Savola (Feb 22)
    - Re: OpenBSD work on Tcpdump privilege separation Jefferson Ogata (Feb 23)
    - Re: OpenBSD work on Tcpdump privilege separation Pekka Savola (Feb 23)
    - Re: OpenBSD work on Tcpdump privilege separation Jefferson Ogata (Feb 24)
    - Re: OpenBSD work on Tcpdump privilege separation Andrew Pimlott (Feb 23)
    - Re: OpenBSD work on Tcpdump privilege separation Pekka Savola (Feb 23)
    - Re: OpenBSD work on Tcpdump privilege separation Michael Richardson (Feb 24)
    - Re: OpenBSD work on Tcpdump privilege separation Jefferson Ogata (Feb 24)
    - privileges and 'C' -flag [Re: OpenBSD work on Tcpdump privilege separation] Pekka Savola (Feb 24)
    - Re: OpenBSD work on Tcpdump privilege separation Hannes Gredler (Feb 23)
    - Re: OpenBSD work on Tcpdump privilege separation Pekka Savola (Feb 23)
    - Re: OpenBSD work on Tcpdump privilege separation Hannes Gredler (Feb 24)

(Thread continues...)