Package: iotop-c Version: 1.26-1 Severity: wishlist X-Debbugs-Cc: landry.min...@celeste.fr
Dear Maintainer, At first start as a "normal" user, iotop-c suggests to set the NET_ADMIN capability: > The Linux kernel interfaces that iotop relies on now require root privileges > or the NET_ADMIN capability. This change occurred because a security issue > (CVE-2011-2494) was found that allows leakage of sensitive data across user > boundaries. If you require the ability to run iotop as a non-root user, please > configure sudo to allow you to run iotop as root. > > Alternatively to using sudo the NET_ADMIN capability can be set by > > $ sudo setcap 'cap_net_admin+eip' <path-to>/iotop > > Be warned that this will also allow other users to run it and get access to > information that normally should not be available to them. > > Please do not file bugs on iotop about this. Like other packages like wireshark-common do with dumpcap binary, iotop-c should suggests user to set capabilities, eventualy for a single group of users at install time. Thanks, -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.7.12-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages iotop-c depends on: ii libc6 2.37-19 ii libncursesw6 6.4+20240414-1 ii libtinfo6 6.4+20240414-1 iotop-c recommends no packages. iotop-c suggests no packages. -- debconf-show failed
