On Tue, Jan 20, 2004 at 06:31:08PM -0600, Earl Hood wrote: > I think so. I just a posted a patch for dropping priviledges in a > similiar style that the RedHat port of tcpdump does.
This must be the RedHat that never sends their patches back upstream. :-/ (I didn't see your patch because I just subscribed.) > By default, > it fallsback to the pcap userid, but you can also explicitly specify > which user via a command-line option. I don't know what the pcap user is for on RedHat, but I don't see why you would change to pcap instead of nobody. nobody is essentially by definition the least empowered user on the system, so isn't that the natural choice? > The default user to fallback on should probably be a configure > setting, but I did not mess with the autoconf stuff. Me neither. ;-) But the advantage of defaulting to nobody is that it will "just work" on most systems, and thus make more people safe than any scheme that requires explicit activation by a user or administrator. I don't mind a configure setting or command-line option to override the default, of course. I also agree (as I said in my other message) with supporting security mechanisms other than unix userid on systems that have them. Changing userid is just an easy first step. Andrew - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]