From owner-freebsd-bluetooth@FreeBSD.ORG  Mon Mar 28 20:04:32 2011
Return-Path: <owner-freebsd-bluetooth@FreeBSD.ORG>
Delivered-To: freebsd-bluetooth@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 24FB4106564A;
	Mon, 28 Mar 2011 20:04:32 +0000 (UTC)
	(envelope-from maksim.yevmenkin@gmail.com)
Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com
	[209.85.214.182])
	by mx1.freebsd.org (Postfix) with ESMTP id D28468FC17;
	Mon, 28 Mar 2011 20:04:31 +0000 (UTC)
Received: by iwn33 with SMTP id 33so4924860iwn.13
	for <multiple recipients>; Mon, 28 Mar 2011 13:04:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type;
	bh=CjVO2tRbFHrReu/MWj0xlK4GQ6qD+ZBdOJi6xCcZYoA=;
	b=OFWxI1udhqObKVlsbK7D7Th+w7Mhb7qx8Lcwk1LUN5yPPTCN3vRx4rX8bZiyrJ5oNx
	lsKjIX0vLwp1Q601tirkDlnokemp0gUkjY/1t3sHc9rhugw/ZNTXZfdGT22FbE85Fsox
	TUp/mA6CjwCgcTmtYLMPpsqI7pF5OoH3VHc3Q=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=ofVOa6G1EJZa5w4nXWc31HLpsqGYZmJidN9Mal5KmTSkbFw7Xr89JYA380WKhxEvT0
	SiOx6sAKHIAqO+9QEUfeSMx3hyziTqafYElukc5YPHxMzhaL+y1O8zY4Kj3iXDDXZxdh
	OFH0fjDXCeGzf0n//gHpaEl2asWRdiMBF+tQ0=
MIME-Version: 1.0
Received: by 10.43.60.205 with SMTP id wt13mr7385508icb.253.1301342670992;
	Mon, 28 Mar 2011 13:04:30 -0700 (PDT)
Received: by 10.42.166.71 with HTTP; Mon, 28 Mar 2011 13:04:30 -0700 (PDT)
In-Reply-To: <20110328195952.GA26987@freebsd.org>
References: <20110328001258.GA70156@freebsd.org>
	<alpine.NEB.2.00.1103280751410.3331@galant.ukfsn.org>
	<20110328101804.GA39095@freebsd.org>
	<alpine.NEB.2.00.1103281452520.27263@galant.ukfsn.org>
	<AANLkTikLj7QumdtPcB=wGBdyxOyHBusCzUbrtXVC+Yt1@mail.gmail.com>
	<20110328195952.GA26987@freebsd.org>
Date: Mon, 28 Mar 2011 13:04:30 -0700
Message-ID: <AANLkTin_+8dxE8Go1Bk1vdFg2-bUZ-fn3OHX1RTRmfKa@mail.gmail.com>
From: Maksim Yevmenkin <maksim.yevmenkin@gmail.com>
To: Alexander Best <arundel@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-bluetooth@freebsd.org
Subject: Re: l2ping(8) and -f switch
X-BeenThere: freebsd-bluetooth@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Using Bluetooth in FreeBSD environments
	<freebsd-bluetooth.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bluetooth>, 
	<mailto:freebsd-bluetooth-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bluetooth>
List-Post: <mailto:freebsd-bluetooth@freebsd.org>
List-Help: <mailto:freebsd-bluetooth-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bluetooth>, 
	<mailto:freebsd-bluetooth-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Mar 2011 20:04:32 -0000

On Mon, Mar 28, 2011 at 12:59 PM, Alexander Best <arundel@freebsd.org> wrote:
> On Mon Mar 28 11, Maksim Yevmenkin wrote:
>> On Mon, Mar 28, 2011 at 7:04 AM, Iain Hibbert <plunky@rya-online.net> wrote:
>> > On Mon, 28 Mar 2011, Alexander Best wrote:
>> >
>> >> On Mon Mar 28 11, Iain Hibbert wrote:
>> >> > On Mon, 28 Mar 2011, Alexander Best wrote:
>> >> >
>> >> > > thus i believe making the -f switch only accessable to super-users (in
>> >> > > accordance with ping(8)/ping6(8)) would increase security.
>> >> >
>> >> > what stops the user from recompiling l2ping without this restriction?
>> >>
>> >> nothing. but what stops him from recompiling ping(8) or ping6(8) without the
>> >> restriction? still it's there.
>> >
>> > AFAIK you need superuser privileges to even send ICMP_ECHO packets, thats
>> > why ping is traditionally a suid program and making a new binary won't
>> > help normal users..  I'm guessing that l2ping doesn't have the same
>> > restrictions?
>>
>> Guys,
>>
>> first of all thanks for the patch.
>>
>> i think one really needs to understand what "flood" really means in
>> l2ping(8). "flood" ping(8) basically floods the link with icmp echo
>> requests without waiting for remote system to reply. yes, this is
>> potentially dangerous and thus its reasonable to require super-user
>> privileges. "flood" l2ping(8) is NOT the same. all l2ping(8) does is
>> "flood" mode
>>
>> 1) sends l2cap echo request
>> 2) waits for l2cap echo response (or timeout)
>> 3) repeats
>>
>> in other words, there is no delay between each l2cap echo
>> request-response transaction. its not really "flood". i'm not sure if
>> it really worth to go all the way to restricting this. however, if
>> people think that it should be restricted, i will not object.
>
> how about removing the term "flood" from the l2ping(2) man page, if the -f
> semantics can't actually be called that way?

that would be fine. l2ping(8) -h calls it

-f         No delay (sort of flood)

and l2ping(8) man page calls it

-f      ``Flood'' ping, i.e., no delay between packets.

it would be nice to make those consistent :) i'm not sure what the
best name would be though.

thanks,
max