From owner-freebsd-current  Sat Apr 20 14:39:23 2002
Delivered-To: freebsd-current@freebsd.org
Received: from orthanc.ab.ca (orthanc.ab.ca [216.123.203.186])
	by hub.freebsd.org (Postfix) with ESMTP id 8CE2F37B416
	for <freebsd-current@freebsd.org>; Sat, 20 Apr 2002 14:39:14 -0700 (PDT)
Received: from orthanc.ab.ca (localhost.orthanc.ab.ca [127.0.0.1])
	by orthanc.ab.ca (8.11.6/8.11.6) with ESMTP id g3KLdEJ80591
	for <freebsd-current@freebsd.org>; Sat, 20 Apr 2002 15:39:14 -0600 (MDT)
	(envelope-from lyndon@orthanc.ab.ca)
Message-Id: <200204202139.g3KLdEJ80591@orthanc.ab.ca>
To: freebsd-current@freebsd.org
Subject: Adding a 'bpf' group for /dev/bpf*
Organization: The Frobozz Magic Homing Pigeon Company
X-Mailer: mh-e 5.0.92; MH 6.8.4; Emacs 21.1
Date: Sat, 20 Apr 2002 15:39:14 -0600
From: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

For the benefit of packet sniffers and other things that only want
read-only access to /dev/bpf*, what do people think of adding a 'bpf'
group for those programs?  This allows bpf devices to be read by
programs running with an effective gid of 'bpf' instead of the current
requirement for an effective user of root.  I've been running this way
on many of our servers for several months now, and things like snort,
tcpdump, etc., are quite happy with it (under stable).

--lyndon

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message