Date: Fri, 27 Aug 2010 16:31:10 +0200 From: Pieter de Boer <pieter@thedarkside.nl> To: =?UTF-8?B?SXN0dsOhbg==?= <leccine@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: tcpdump -z Message-ID: <4C77CC2E.4030408@thedarkside.nl> In-Reply-To: <AANLkTikgbBzUmd0fBaGfQQqR_SFXA82yhBk0WAffX-Si@mail.gmail.com> References: <slrni7eu1h.21lb.vadim_nuclight@kernblitz.nuclight.avtf.net> <4C77A267.10102@thelostparadise.com> <AANLkTim1frPvChMJfDLnHe6LW3HnR=AWeYcCsf-tx3V-@mail.gmail.com> <5d88fc9506514cabc7390e66a1f9872f@localhost> <AANLkTikgbBzUmd0fBaGfQQqR_SFXA82yhBk0WAffX-Si@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 08/27/2010 04:27 PM, István wrote: > Well to be honest i don't see any case when i want to give sudo+tcpdump > access to any user on my box. And those who are admins/roots anyway the "su > -" just works perfectly and they can run tcpdump. > I simply change the permissions on /dev/bpf* so that some mortal users can run tcpdump directly. It isn't as granular as a well-configured sudo, but worksforme. -- Pieter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C77CC2E.4030408>