On Mon, 14 Aug 2006, Johannes Berg wrote:
In my seemingly never-ending quest to actually use the d80211 stack for
something useful I just wanted to write a small setuid tool that:
* creates and opens a new monitor interface
* drops priviledges
* ... does things with received frames ... (not interesting for this
discussion)
* removes new monitor interface
So I figured I'd just keep an fd open to
/sys/class/net/mymonitorinterface/remove_iface to which I could write the
interfaces name after I was done with it. However, when writing to that fd I
got -EACCESS because it checks for CAP_NET_ADMIN.
Why not have the tool create a monitor interface, open it, and fork; the
child drops privileges and does the reading, and the parent wait(2)s for
the child and removes the interface once it has collected the child?
Alexey
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
