Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 358329 - net-analzyzer/tcpdump dropping privileges by default produces unexpected behavior
Summary: net-analzyzer/tcpdump dropping privileges by default produces unexpected beha...
Status: RESOLVED DUPLICATE of bug 334329
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Netmon Herd
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-11 01:01 UTC by dacook
Modified: 2011-07-18 11:21 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dacook 2011-03-11 01:01:02 UTC
In counter to the original bug that requested this be done (bug 176391), I'm requesting this behavior be disabled by default unless managed by a USE flag.

My first concern with this is that it fails to work on gentoo-alt platforms that are prefixed, like OS X.  The enewgroup() and enewuser() calls are NOPed there, so although building and installation silently work, actually using the tool thereafter results in failures because the tcpdump user cannot be identified.

Additionally, when beginning a capture with -G (split by time) or -C (split by size), having this configured at compile-time means that although the first capture file is created under the ownership and privileges of the calling user, subsequent ones are not (created as the user tcpdump instead).  This, of course, readily causes subtle and late failure due to filesystem permissions.

This choice, in addition to the decision to chroot() by default (bug 334329), represents what I perceive as a series of well-intentioned changes to arguably improve edge-case security in the tcpdump package, but were evidently not thoroughly evaluated or tested for following the principle of least surprise.

Likely it would be optimal to change where/when chroot() or privilege dropping happens within tcpdump itself to make these failures more immediate, but since upstream chose to not set these options by default, they were likely aware of the issues and limitations and elected to instead leave the subsequent complexities to the choice of the user.
Comment 1 Jeroen Roovers gentoo-dev 2011-07-18 11:20:01 UTC
*** Bug 375325 has been marked as a duplicate of this bug. ***
Comment 2 Jeroen Roovers gentoo-dev 2011-07-18 11:21:05 UTC

*** This bug has been marked as a duplicate of bug 334329 ***