Date:      Sun, 11 Aug 1996 15:55:49 +0900 (JST)
From:      max@sfc.wide.ad.jp
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   bin/1489: Non-super-users cannot use traceroute
Message-ID:  <199608110655.PAA01509@mail.tky007.tth.expo96.ad.jp>
Resent-Message-ID: <199608110700.AAA17477@freefall.freebsd.org>


>Number:         1489
>Category:       bin
>Synopsis:       Non-super-users cannot use traceroute
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 11 00:00:01 PDT 1996
>Last-Modified:
>Originator:     Masafumi NAKANE
>Organization:
>Release:        FreeBSD 2.2-CURRENT i386
>Environment:

	

>Description:

	
	In /usr/src/usr.sbin/traceroute/traceroute.c, setuid(getuid())
is performed before creating the raw socket which is used to send out UDP
packets, and thus non-super-users cannot use the command.

>How-To-Repeat:

	
	As non-super-user:
	% traceroute some.host.domain

>Fix:
	
	
	Either create sndsock much earlier in the program (before
setuid(getuid())), or do setuid(getuid()) later in the program.  Since
it seems the recent modification to the program was meant to make it more
secure by putting setuid(getuid()) earlier in the program to get rid
of the privilege, I suppose the former solution should be taken.  I attach
my quick and dirty hack here, as it might be of some use by chance.
     This is a patch to:
Header: /home/ncvs/src/usr.sbin/traceroute/traceroute.c,v 1.6 1996/08/09 06:00:53 fenner Exp

*** traceroute.c.orig	Sat Aug 10 11:08:59 1996
--- traceroute.c	Sun Aug 11 15:28:03 1996
***************
*** 307,312 ****
--- 307,317 ----
  		sockerrno = errno;
  	}
  
+ 	if ((sndsock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
+ 		perror("traceroute: raw socket");
+ 		exit(5);
+ 	}
+ 
  	setuid(getuid());
  
  	oix = optlist;
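
Review bot: The setuid(getuid()) call on the context line right after the added block ignores its return value, and with this change the process holds an open raw socket across that call. Check the result and exit on failure, so traceroute never continues with sndsock open and its privilege still in place.
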
***************
*** 475,485 ****
  	if (options & SO_DONTROUTE)
  		(void) setsockopt(s, SOL_SOCKET, SO_DONTROUTE,
  				  (char *)&on, sizeof(on));
- 
- 	if ((sndsock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
- 		perror("traceroute: raw socket");
- 		exit(5);
- 	}
  
  	if (lsrr > 0) {
  	  lsrr++;
--- 480,485 ----
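
Review bot: With the block removed at old lines 475-485, sndsock is created more than 150 lines ahead of the socket option setup shown in this context, and nothing at this spot says so. Leave a one-line comment here noting that sndsock is opened before setuid(getuid()) near line 307, so readers looking for it beside the setsockopt calls on s know where it went.
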
>Audit-Trail:
>Unformatted:
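
The ordering this report asks for (open the raw socket while still privileged, then give up the privilege and confirm it is gone), as an added example that is not part of the original message or of traceroute.c. The helper names `drop_privileges` and `open_raw_then_drop` and the -1/-2 return convention are assumptions made for illustration.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: permanently give up set-user-ID privilege.
 * Returns 0 on success, -1 if the drop failed or could be undone. */
static int drop_privileges(void)
{
    uid_t ruid = getuid();
    if (setuid(ruid) != 0)               /* never ignore this return value */
        return -1;
    if (geteuid() != ruid)               /* effective uid must match the caller */
        return -1;
    if (ruid != 0 && setuid(0) == 0)     /* an unprivileged caller must not regain root */
        return -1;
    return 0;
}

/* Hypothetical helper: open the raw send socket first, then drop privileges.
 * Returns the descriptor, -1 if socket() failed (*sock_errno holds errno),
 * or -2 if privileges could not be dropped (the caller must exit). */
static int open_raw_then_drop(int *sock_errno)
{
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);

    *sock_errno = (fd < 0) ? errno : 0;  /* save errno before later calls clobber it */
    if (drop_privileges() != 0) {
        if (fd >= 0)
            close(fd);
        return -2;
    }
    return fd;
}

int main(void)
{
    int err, fd = open_raw_then_drop(&err);

    if (fd < 0) {
        fprintf(stderr, "%s\n", fd == -2 ? "cannot drop privileges" : strerror(err));
        return fd == -2 ? 1 : 5;
    }
    printf("raw socket %d open, euid=%d\n", fd, (int)geteuid());
    close(fd);
    return 0;
}
```

Run without privilege, the socket() call fails and the program reports it after the drop; installed set-user-ID root, the descriptor survives the drop and the rest of the program runs as the invoking user.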


