tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: tcpdump: drop privileges by default?



On Wed, Sep 09, 2009 at 03:28:06PM -0400, Elad Efrat wrote:
> Jukka Ruohonen wrote:
>
>> Would it be reasonable to drop root privileges in tcpdump(1) by default?
>
> Very.
>
>> On the other hand, this would clutter the system a little. 
>
> I don't think it clutters the system at all.
>
>> It may also be
>> questionable if this adds any value in terms of security. 
>
> I disagree: it reads data from the network and it runs as root.

I think it, and a lot of similar things, should be paxctl +A +M at
install time.  What do you think?

-- 
Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost
    "Even experienced UNIX users occasionally enter rm *.* at the UNIX
     prompt only to realize too late that they have removed the wrong
     segment of the directory structure." - Microsoft WSS whitepaper


Home | Main Index | Thread Index | Old Index