Re: why doesn't tcpdump drop privileges?

[Pekka Savola <pekkas () netcore fi>]

On Tue, 20 Jan 2004, Andrew Pimlott wrote:
> On Tue, Jan 20, 2004 at 06:31:08PM -0600, Earl Hood wrote:
> > I think so.  I just a posted a patch for dropping priviledges in a
> > similiar style that the RedHat port of tcpdump does.
>
> This must be the RedHat that never sends their patches back
> upstream.  :-/

Well, speaking as the one who made the patch in the first place, maybe
2-3 years ago, I did send it to this list a LONG time ago, but didn't
bother re-sending too many times because there appeared to be very
little interest in the patches.

As for why I went for "pcap" instead of nobody in the first place..  
Red Hat bundles tcpdump with arpwatch, which I also coded to drop root
privileges.  Picking a specific user name for these two purposes
seemed only logical. (Arpwatch has to maintain a couple of files owned
by 'pcap' as well.)

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings


-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe