- status: open --> accepted
- Milestone: 1.0 --> 3.1-ng
Currently arpon can only run as root. This is explicitly enforced by a startup check, although with the full introduction of capabilities in kernel 2.6.4, it is possible that a non-root user can have the permissions needed to run arpon. Such a user should be allowed to run arpon, and ideally arpon should always be run as a minimally permissioned user to make it a smaller target.
This is especially important in the case of Docker containers on untrusted networks, because, as arpon is currently written, it is impossible to run without making it a privileged container, which in itself is a huge security hole.
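As an added illustration (not arpon's code and not the change linked below), the following C program shows how a "must be root" startup check can be replaced by a check for the specific capabilities a daemon needs, read from the `CapEff` line of `/proc/self/status` so no libcap dependency is required. It assumes the needed set is CAP_NET_RAW and CAP_NET_ADMIN; the ticket does not list them, so treat that as a placeholder to adjust for the real daemon.

```c
/* Added example, not part of arpon: capability-based startup check.
 * Assumption: the daemon needs CAP_NET_RAW (raw sockets for ARP capture)
 * and CAP_NET_ADMIN (ARP cache manipulation). Adjust REQUIRED_CAPS if the
 * real set differs. */
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <linux/capability.h>
#endif
#ifndef CAP_NET_ADMIN
#define CAP_NET_ADMIN 12
#endif
#ifndef CAP_NET_RAW
#define CAP_NET_RAW 13
#endif

/* Bitmask of the capabilities the daemon must hold in its effective set. */
static const uint64_t REQUIRED_CAPS =
    (1ULL << CAP_NET_ADMIN) | (1ULL << CAP_NET_RAW);

/* Parse the "CapEff:" line out of /proc/<pid>/status text.
 * Sets *ok to 1 and returns the mask on success; *ok = 0 if the line is
 * missing or malformed (returns 0 in that case). */
uint64_t parse_cap_eff(const char *status_text, int *ok) {
    *ok = 0;
    const char *p = strstr(status_text, "CapEff:");
    if (!p) return 0;
    p += strlen("CapEff:");
    while (*p == ' ' || *p == '\t') p++;
    char *end = NULL;
    unsigned long long v = strtoull(p, &end, 16);
    if (end == p || (*end != '\n' && *end != '\r' && *end != '\0')) return 0;
    *ok = 1;
    return (uint64_t)v;
}

/* 1 if every required capability is present in the effective set. */
int has_required_caps(uint64_t cap_eff) {
    return (cap_eff & REQUIRED_CAPS) == REQUIRED_CAPS;
}

/* Mask of required capabilities that are absent (0 means none missing). */
uint64_t missing_caps(uint64_t cap_eff) {
    return REQUIRED_CAPS & ~cap_eff;
}

/* Read this process's effective capability mask. Returns 1 on success. */
int read_own_cap_eff(uint64_t *out) {
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return 0;
    char buf[4096];
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    int ok = 0;
    *out = parse_cap_eff(buf, &ok);
    return ok;
}

/* Startup check: accept any user or container whose effective set carries
 * the required bits. If /proc is unavailable we cannot tell, so fall back to
 * the legacy "effective uid 0" rule rather than failing open. */
int startup_check(void) {
    uint64_t eff = 0;
    if (!read_own_cap_eff(&eff))
        return geteuid() == 0;
    if (has_required_caps(eff))
        return 1;
    fprintf(stderr, "missing required capabilities: 0x%llx\n",
            (unsigned long long)missing_caps(eff));
    return 0;
}

int main(void) {
    if (!startup_check())
        return 1;
    puts("capability check passed");
    return 0;
}
```

With a check like this, a non-root binary can be granted only the two bits on the host with `setcap cap_net_raw,cap_net_admin+ep` on the executable, and a container can be started with `--cap-drop=ALL --cap-add=NET_RAW --cap-add=NET_ADMIN` instead of `--privileged`, so a compromise of the daemon yields far less than full root.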
Here are the changes I propose
With this, a non-root but appropriately privileged user or container can run arpon, improving security further!
Here are the code changes
https://github.com/nategraf/arpon/compare/master...capabilities