[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/48005 (tcpdump: option -C broken)
The following reply was made to PR bin/48005; it has been noted by GNATS.
From: "David H. Gutteridge" <dhgutteridge%sympatico.ca@localhost>
Subject: Re: bin/48005 (tcpdump: option -C broken)
Date: Wed, 22 Mar 2017 16:02:01 -0400
>I learned that tcpdump has this option from your bug report and decided
>to modify the pkgsrc package to do the same since it can do it too.
>Thanks for mentioning it.
>I think it's more than worth it, tcpdump recently had the following
>advisory: http://seclists.org/oss-sec/2017/q1/230 (All of them are the
Sure, but this change violates "the principle of least surprise", since
it significantly alters how the software behaves. At the least, the
pkgsrc version should have a MESSAGE file provided that warns users it
runs unprivileged by default, since this will break the very
functionality under discussion in this PR. (And it will still behave
inconsistently from the native NetBSD version concerning the initial
It's frustrating that tools like this are altered and then these
alterations are not fully documented, as is presently the case with
the native NetBSD version (which opens the initial input file before
dropping privileges, unlike upstream tcpdump).
Main Index |
Thread Index |