|Summary:||net-analyzer/tcpdump - drop privileges by default at compile time|
|Product:||Gentoo Linux||Reporter:||Jukka Ruohonen <drear>|
|Component:||New packages||Assignee:||Gentoo Netmon project <netmon>|
|Package list:||Runtime testing required:||---|
Description Jukka Ruohonen 2007-04-28 19:01:05 UTC
Like the man-page of tcpdump says, the option -Z (drop privileges from root to an user) can be enabled by default at compile time (by --with-user=USERNAME). This is a request to make that behavior to be enabled by default. This request fits to any reasonable security-related policy. But if there is some specific reason not to follow this practice (i.e. this will probably mean an addition of tcpdump-user or usage of some existing default user account?), please kindly ignore this request.
Comment 1 Peter Volkov (RETIRED) 2007-04-29 04:49:42 UTC
Jukka, you can use EXTRA_ECONF="--with-user=USERNAME" emerge tcpdump or if you want not to loose this setting on re-emerge save this environment variable in /etc/portage/env/net-analyzer/tcpdump to get desired behaviour. $ cat /etc/portage/env/net-analyzer/tcpdump EXTRA_ECONF="--with-user=pva" No need to fix anything. :)
Comment 2 Jukka Ruohonen 2007-04-29 06:39:10 UTC
I was completely unaware of such environmental variables, and therefore, thank you. Can I further confirm that there is generally no aims for such behavior to be enabled by default with potentially risky packages related to network sphere? (As tcpdump is just a small example regarding the general question, this seems to be the policy followed by Red Hat, for an instance.)  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0194
Comment 3 Peter Volkov (RETIRED) 2007-04-29 11:12:53 UTC
tcpdump is not a server application and is just debugging tool. It could be configured from command line and for build process an easy way to archive goal exist... But well. Let's keep this as an enhancement.
Comment 4 Peter Volkov (RETIRED) 2007-05-05 19:15:44 UTC
I think having this enabled can be useful.
Comment 5 Peter Volkov (RETIRED) 2007-07-10 13:46:18 UTC
Well. I've commited fix in tcpdump-3.9.6-r1 and tcpdump-3.9.5-r3. Now we create tcpdump user and drop privileges by default.
Comment 6 Jukka Ruohonen 2007-08-27 13:49:18 UTC
I won't reopen this one, but I am nevertheless curious why this feature was removed from the 1.3.7?
Comment 7 Cédric Krier 2007-08-27 22:03:14 UTC
I re-enable the feature in cvs in version 3.9.7-r1