tcpdump mailing list archives

Re: why doesn't tcpdump drop privileges?

From: Andrew Pimlott <andrew () pimlott net>
Date: Wed, 21 Jan 2004 11:04:21 -0500

On Wed, Jan 21, 2004 at 08:05:27AM +0200, Pekka Savola wrote:

As for why I went for "pcap" instead of nobody in the first place..  
Red Hat bundles tcpdump with arpwatch, which I also coded to drop root
privileges.  Picking a specific user name for these two purposes
seemed only logical. (Arpwatch has to maintain a couple of files owned
by 'pcap' as well.)


I agree that picking a new user for this purpose is a sound choice.
However, if this user owns files (especially ones that might be run
or otherwise used by root), it seems to defeat the purpose.

Andrew
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe

Current thread:

Re: why doesn't tcpdump drop privileges?, (continued)
- - - Re: why doesn't tcpdump drop privileges? Jefferson Ogata (Jan 20)
    - Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 21)
    - Re: why doesn't tcpdump drop privileges? Jefferson Ogata (Jan 21)
    - Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 23)
    - Re: why doesn't tcpdump drop privileges? Ryan Mooney (Jan 21)
    - Re: why doesn't tcpdump drop privileges? Jefferson Ogata (Jan 21)
- Re: why doesn't tcpdump drop privileges? Earl Hood (Jan 20)
  - Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 20)
    - Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 20)
    - Re: why doesn't tcpdump drop privileges? Pekka Savola (Jan 20)
    - Re: why doesn't tcpdump drop privileges? Andrew Pimlott (Jan 21)
    - Re: why doesn't tcpdump drop privileges? Pekka Savola (Jan 21)
    - Re: why doesn't tcpdump drop privileges? Hannes Gredler (Jan 24)