Re: [tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-24 Thread Jefferson Ogata
Michael Richardson wrote:
"Pekka" == Pekka Savola <[EMAIL PROTECTED]> writes:
Pekka> Have you checked the code in the CVS? It already includes a
Pekka> "droproot" option.
Pekka> Yours is slightly different, though, as it uses
Pekka> (Linux-specific?) capabilities. I'm not sure if

Re: [tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-24 Thread Michael Richardson
> "Pekka" == Pekka Savola <[EMAIL PROTECTED]> writes:
Pekka> Have you checked the code in the CVS? It already includes a
Pekka> "droproot" option.
Pekka> Yours is slightly different, though, as it uses
Pekka> (Linux-specific?) capabilities.

Re: [tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-24 Thread Jefferson Ogata
Pekka Savola wrote: On Wed, 23 Jun 2004, Matt Beaumont wrote: I've written a little patch to drop all but the CAP_NET_ADMIN and CAP_NET_RAW capabilities immediately if tcpdump is running with root privileges. The idea is to limit the damage done by an exploit against tcpdump. Some of the inspirati

Re: [tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-23 Thread Pekka Savola
On Wed, 23 Jun 2004, Matt Beaumont wrote:
> I've written a little patch to drop all but the CAP_NET_ADMIN and
> CAP_NET_RAW capabilities immediately if tcpdump is running with root
> privileges. The idea is to limit the damage done by an exploit
> against tcpdump.
>
> Some of the inspiration for

[tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-23 Thread Matt Beaumont
I've written a little patch to drop all but the CAP_NET_ADMIN and CAP_NET_RAW capabilities immediately if tcpdump is running with root privileges. The idea is to limit the damage done by an exploit against tcpdump. Some of the inspiration for this patch came from here: