Public bug reported: The latest version of iputils have the option of using SOCK_DGRAM packets instead of SOCK_RAW, provided that the net.ipv4.ping_group_range sysctl is set to a different value. This helps a lot with security in -not just- Linux containers by dropping support for the NET_RAW capability.
Also, the ubuntu-minimal packages should not include this package as a hard dependency in case I want to uninstall iputils-ping to substitute it for another package like oping which just works if I turn off the setuid bit. ** Affects: iputils (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to iputils in Ubuntu. https://bugs.launchpad.net/bugs/1588917 Title: Upgrade ping to latest version that doesn't require SUID or NET_RAW capability Status in iputils package in Ubuntu: New Bug description: The latest version of iputils have the option of using SOCK_DGRAM packets instead of SOCK_RAW, provided that the net.ipv4.ping_group_range sysctl is set to a different value. This helps a lot with security in -not just- Linux containers by dropping support for the NET_RAW capability. Also, the ubuntu-minimal packages should not include this package as a hard dependency in case I want to uninstall iputils-ping to substitute it for another package like oping which just works if I turn off the setuid bit. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/1588917/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp