Date: Wed, 27 Mar 2019 03:31:45 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 236819] [tcpdump] capsicum-related changes broke reading IPsec ESP decryption keys from a file Message-ID: <bug-236819-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D236819 Bug ID: 236819 Summary: [tcpdump] capsicum-related changes broke reading IPsec ESP decryption keys from a file Product: Base System Version: 11.2-STABLE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: bin Assignee: net@FreeBSD.org Reporter: eugen@freebsd.org tcpdump(8) manual page documents command line option -E that may involve reading keys from a file: In addition to the above syntax, the syntax ``file name'' may= be used to have tcpdump read the provided file in. The file is opened upon receiving the first ESP packet, so any special permissions that tcpdump may have been given should already h= ave been given up. This is currently broken in stable/11: # tcpdump -E 'file /tmp/keys.txt' -s0 -np -i em0 host 1.1.1.1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes tcpdump: print_esp: can't open /tmp/keys.txt: Not permitted in capability m= ode --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-236819-7501>