Date: Sun, 14 Jul 2002 13:35:43 +0200 (CEST) From: Alexander Leidinger <Alexander@Leidinger.net> To: cjc@FreeBSD.ORG Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:29.tcpdump Message-ID: <200207141135.g6EBZhxQ064314@Magelan.Leidinger.net> In-Reply-To: <20020714085734.GD56656@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 14 Jul, Crist J. Clark wrote:
>> On a related matter: It would probably be a very good idea
>> for tcpdump to drop priviledges right after opening the BPF
>> device.
>
> tcpdump(8) never has elevated privileges. It just runs as whoever
> executes it. As you say, the way to run it at lower privileges is to
> give a less privileged user read access to the bpf(4) devices.
It could drop privileges (su to another UID like a never OpenSSH or
Apache does it) if it gets run by root...
Bye,
Alexander.
--
It's not a bug, it's tradition!
http://www.Leidinger.net Alexander @ Leidinger.net
GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207141135.g6EBZhxQ064314>