Date: Fri, 12 Mar 1999 14:11:11 -0500 (EST) From: Joseph Scott <joseph@randomnetworks.com> To: randyk <randyk@ccsales.com> Cc: questions@FreeBSD.ORG Subject: Re: A Perl/Socket question Message-ID: <Pine.BSF.4.10.9903121406570.3200-100000@sonic.digital-web.net> In-Reply-To: <19990311151836.13691@ccsales.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 11 Mar 1999, randyk wrote:
> Hi,
Howdy.
> I'm a little confused:
Well with any luck it won't last for long :-)
>
> What makes this HAVE TO run as root?
>
> $self->{"proto_num"} = (getprotobyname('icmp'))[2] ||
> croak("Can't get icmp protocol by name");
> $self->{"pid"} = $$ & 0xffff; # Save lower 16 bits of pid
> $self->{"fh"} = FileHandle->new();
> socket($self->{"fh"}, &PF_INET(), &SOCK_RAW(), $self->{"proto_num"}) ||
> croak("icmp socket error - $!");
Right off the top of my head I would say that it has to run as
root because of it's use of icmp.
>
> This is called from Ping.pm in the Net::Ping module which obviously
> makes a call to the Socket.pm module and I've looked in there and do
> not understand why this returns an "Operation not permitted Ping icmp"
> when not run by superuser (root).
I haven't played with this specifically, but ok.
>
> It seems to use the same call as ping does...and I need to move the
> restriction from the other
> user...or code an exception...so my web based utility will work with it...
Take a look a the ping program on your freebsd box :
prompt>which ping
/sbin/ping
prompt>ls -lga /sbin/ping
-r-sr-xr-x 1 root wheel 144376 Feb 15 02:43 /sbin/ping
^
The sbit set to run as root no matter which user is actually
running the program.
>
> Thank you,
> Randy Katz
You may be able to get more info from a perl specific group.
Joseph Scott
joseph@randomnetworks.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9903121406570.3200-100000>