Like the man-page of tcpdump says, the option -Z (drop privileges from root to an user) can be enabled by default at compile time (by --with-user=USERNAME). This is a request to make that behavior to be enabled by default. This request fits to any reasonable security-related policy. But if there is some specific reason not to follow this practice (i.e. this will probably mean an addition of tcpdump-user or usage of some existing default user account?), please kindly ignore this request.
Jukka, you can use EXTRA_ECONF="--with-user=USERNAME" emerge tcpdump or if you want not to loose this setting on re-emerge save this environment variable in /etc/portage/env/net-analyzer/tcpdump to get desired behaviour. $ cat /etc/portage/env/net-analyzer/tcpdump EXTRA_ECONF="--with-user=pva" No need to fix anything. :)
I was completely unaware of such environmental variables, and therefore, thank you. Can I further confirm that there is generally no aims for such behavior to be enabled by default with potentially risky packages related to network sphere? (As tcpdump is just a small example regarding the general question, this seems to be the policy followed by Red Hat, for an instance[1].) [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0194
tcpdump is not a server application and is just debugging tool. It could be configured from command line and for build process an easy way to archive goal exist... But well. Let's keep this as an enhancement.
I think having this enabled can be useful.
Well. I've commited fix in tcpdump-3.9.6-r1 and tcpdump-3.9.5-r3. Now we create tcpdump user and drop privileges by default.
I won't reopen this one, but I am nevertheless curious why this feature was removed from the 1.3.7?
I re-enable the feature in cvs in version 3.9.7-r1
Note I've submitted bug 358329 to reverse this choice, or to make it USE configurable, and explain why in that bug.