Date: Sat, 20 Apr 2002 14:51:39 -0700 From: "Crist J. Clark" <cjc@FreeBSD.ORG> To: Lyndon Nerenberg <lyndon@orthanc.ab.ca> Cc: freebsd-current@FreeBSD.ORG Subject: Re: Adding a 'bpf' group for /dev/bpf* Message-ID: <20020420145139.D76898@blossom.cjclark.org> In-Reply-To: <200204202139.g3KLdEJ80591@orthanc.ab.ca>; from lyndon@orthanc.ab.ca on Sat, Apr 20, 2002 at 03:39:14PM -0600 References: <200204202139.g3KLdEJ80591@orthanc.ab.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 20, 2002 at 03:39:14PM -0600, Lyndon Nerenberg wrote: > For the benefit of packet sniffers and other things that only want > read-only access to /dev/bpf*, what do people think of adding a 'bpf' > group for those programs? This allows bpf devices to be read by > programs running with an effective gid of 'bpf' instead of the current > requirement for an effective user of root. I've been running this way > on many of our servers for several months now, and things like snort, > tcpdump, etc., are quite happy with it (under stable). I do this a lot too on systems where it makes sense. But I'm not sure I understand what you are asking to be done. Is it asking too much of an administrator to do, # echo 'sniff:*:80:<list of users>' >> /etc/group # chown root:sniff /dev/bpf* # chmod 640 /dev/bpf* To do the appropriate customizations? -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020420145139.D76898>