Andrew Edgecombe wrote:
> > Why not set the suid bit on the tcpreplay executable?
> > eg.
> > sudo chmod a+s /usr/local/bin/tcpreplay
> >
> > or am I missing something?
>
Aaron Turner replied:
> Uh. Nope, you're not missing anything. Better solution actually.

Given that tcpreplay doesn't drop setuid after opening the replay interface(s), making tcpreplay setuid root is rather a poor idea, I would say (although still better than some of the alternatives).

While I haven't seen any direct way that the arguments to tcpreplay could be used to overwrite /etc/passwd, it certainly would be possible to tell tcpreplay to read packets from /etc/shadow or other files that are supposed to be read only by root. Of course, reading such packets isn't likely to work very well, but it might work well enough for somebody to get access to the contents.

Given that this sort of thing is likely to come up again on different systems, it's probably not a bad idea to have tcpreplay call seteuid(getuid()) after it opens the output interfaces (and before it opens the input files) to minimize the possible harm if somebody does make it setuid root. It definitely should not be installed setuid root by default, but there will surely be some who want to do this.

(Note that this protection is useful even with sudo as well, since sudo may not protect against passing /etc/shadow or other read-only-by-root files, depending on how it is set up).

@alex
--
mailto:[EMAIL PROTECTED]

_______________________________________________
Tcpreplay-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
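As an added illustration of the ordering the message above recommends (privileged open of the output side first, then drop to the invoking user before opening any user-supplied input file), here is a small stand-alone C program. It is example code written for this page, not tcpreplay's own source. It assumes Linux (setresuid/setresgid/getresuid), represents "open the output interface" with a comment, and uses setresuid instead of the bare seteuid(getuid()) mentioned above so that the drop is permanent and root cannot be regained later.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Permanently drop to the invoking user's real uid/gid.
 * Returns 0 on success, -1 on failure.
 *
 * setresuid() also rewrites the saved-set uid, so unlike a bare
 * seteuid(getuid()) the process cannot switch back to root afterwards.
 */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    /* Group first: once the uid is no longer 0, setresgid() would fail. */
    if (setresgid(rgid, rgid, rgid) != 0)
        return -1;
    if (setresuid(ruid, ruid, ruid) != 0)
        return -1;

    /* Verify the drop rather than trusting the return codes alone. */
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0)
        return -1;
    if (r != ruid || e != ruid || s != ruid)
        return -1;
    return 0;
}

/* 1 if the effective uid equals the real uid, 0 otherwise. */
int running_as_invoker(void)
{
    return geteuid() == getuid();
}

/*
 * Open a user-supplied input file only after privileges are dropped,
 * so the kernel enforces the invoking user's own read permissions on it.
 * Returns a file descriptor, or -1 on any failure.
 */
int open_input_unprivileged(const char *path)
{
    if (drop_privileges() != 0)
        return -1;
    return open(path, O_RDONLY | O_CLOEXEC);
}

int main(int argc, char **argv)
{
    /* /dev/null stands in for a pcap file when no argument is given. */
    const char *input = argc > 1 ? argv[1] : "/dev/null";

    /* Step 1 (still privileged): a real replay tool would open its raw
     * socket or output pcap handle here. Omitted in this example. */

    /* Step 2: drop to the real uid, then open the user-supplied input. */
    int fd = open_input_unprivileged(input);
    if (fd < 0) {
        fprintf(stderr, "cannot open %s: %s\n", input, strerror(errno));
        return 1;
    }
    printf("opened %s as uid %u (euid %u)\n", input,
           (unsigned)getuid(), (unsigned)geteuid());
    close(fd);
    return 0;
}
```

Build it with `cc -o dropdemo dropdemo.c` and run it as an ordinary user; the printed uid/euid pair shows that the input file was opened with the invoker's identity, which is the property the message above is after.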
