Date: Fri, 11 Mar 2011 17:57:53 +0300
From: "Dmitry V. Levin" <>
Subject: Re: tcpdump vagaries

On Fri, Mar 11, 2011 at 06:40:31AM -0800, RB wrote:
> As sent to Solar, re-posting as requested to owl-dev.  This particular
> pair of bugs^Wfeatures have had me pulling my hair out for the past
> week.
> ====
> Just wanted to give you a heads up on some poor behavior I've noted in
> Gentoo's packaging of tcpdump that you may have unintentionally run
> into.  I know Owl's recent releases eliminated setXid binaries, so
> your likelihood of hitting these edge cases increases.
> The issues surround using the -G and -C options to split capture files
> at runtime.  When tcpdump is configured with '--with-user=XXX', it
> turns the -Z (drop privileges) option on by default.  The result is
> that the first capture file is created with the privileges and
> ownership of the calling user (often root) but subsequent ones as the
> XXX user.  This stands a high probability of producing subtle (and
> late) failures due to filesystem permissions.

The issue you are talking about is similar to one already described:

I made a patch to resolve it by dropping privs before opening a savefile:;a=commitdiff;h=3.9.5-alt1-3-gab9c745

