From: Aaron T. <syn...@gm...> - 2008-07-24 15:43:21
|
On Thu, Jul 24, 2008 at 12:23 AM, Lothar Braun <lo...@lo...> wrote: > Andrew Edgecombe wrote: >> Why not set the suid bit on the tcpreplay executable? >> eg. >> sudo chmod a+s /usr/local/bin/tcpreplay >> >> or am I missing something? > > That would work indeed. The problem with this approach is that it does > allow _every_ user on the system to use tcpreplay as root. If there is a > bug in tcpreplay (like a buffer overflow), every user on the system > might be able to gain root on that system. You could also: create a tcpreplay group add the user to the group chmod a-rwx tcpreplay chmod g+rx tcpreplay chgrp tcpreplay tcpreplay That way only users in the tcpreplay group can run it as root. -- Aaron Turner http://synfin.net/ http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin |