From: Michael Richardson <mcr@sa...> - 2001-10-02 01:28:45
>>>>> "Shane" == Shane Kerr <shane@...> writes:
Shane> o Can a non-root user send packets into the network? Can a
Shane> non-root user do this without special kernel hooks in the host
Shane> (i.e. TUN stuff)?
Shane> o Assuming a non-root user can inject packets, is there any way to
Shane> receive arbitrary packets? Again, can a non-root user do this
Shane> without special kernel hooks in the host?
Why not just ask your sysadmin to do the appropriate setup of tap0
for you? The alternative is that they get mad later.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@... http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
From: Jeff Dike <jdike@ka...> - 2001-10-02 15:22:53
> My idea was to do something like SSH tunneling
That's not the fully general networking that UML implements with TUN/TAP,
et al. That's just doing port forwarding for non-privileged ports.
> which does not require root access (TCP described here).
Sure it does. You can't do ssh tunneling without a running network, and
setting up the network requires root privileges.
> I thought of uml_router, since this is the only networking that
> doesn't require host IP setup.
Because it doesn't send packets through the host network.
> The uml process would call bind()/listen() on port 8080, and if a
> process in the virtual machine had called bind()/listen() on this
> port, then it would get the packets from the outside world. At this
> point, NAT should be easy enough:
> $ linux eth0=porttunnel,8080:80,4343:43
Something like this might work. I have this on my todo list, for unix sockets.
I think it's possible to intercept socket operations for unix sockets at
the filesystem level. For normal TCP sockets, I don't think UML has any chance
to intercept anything until the low-level network driver gets a completely
To do what you want, it would have to extract the data, throw out the headers
after making sure that the source port was correct, and send the data to
the host port.
What might be easier is a tunnel daemon running inside UML listening to
port 80 or 43 and forwarding traffic to a special device that's hooked up
to a tunnel driver. This wouldn't be a general network driver, it would be a
special-purpose thing that forwards traffic between a host port and its node
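The special-purpose forwarder Jeff sketches, together with the `porttunnel,8080:80,4343:43` mapping syntax from the quoted proposal, as an added Python example. This is not UML code and not anything posted in this thread. It assumes the inside service is reachable as a TCP address (a loopback echo server stands in for the guest side where Jeff would put the special device and tunnel driver), and the mapping check enforces the point from the reply: a non-root process on the host can only bind ports above 1023, so the host side of every mapping has to be a non-privileged port.

```python
"""User-space port tunnel: accept on a non-privileged host port, relay to a guest port.
Added example, not UML code; a loopback echo service stands in for the guest."""
import socket
import threading
from contextlib import suppress

PRIVILEGED_PORT_MAX = 1023  # ports a non-root process cannot bind

def parse_port_map(spec):
    """'8080:80,4343:43' -> {8080: 80, 4343: 43}; ValueError on anything unusable."""
    mapping = {}
    for entry in spec.split(","):
        host_port, guest_port = map(int, entry.split(":"))  # ValueError if malformed
        if not (1 <= host_port <= 65535 and 1 <= guest_port <= 65535):
            raise ValueError("port out of range in %r" % entry)
        if host_port <= PRIVILEGED_PORT_MAX:
            raise ValueError("host port %d needs root to bind" % host_port)
        if host_port in mapping:
            raise ValueError("host port %d mapped twice" % host_port)
        mapping[host_port] = guest_port
    return mapping

def is_valid_port_map(spec):
    try:
        return bool(parse_port_map(spec))
    except ValueError:
        return False

def _pump(src, dst):
    """Copy src -> dst until EOF or error, then half-close dst so the far end sees EOF."""
    with suppress(OSError):
        for data in iter(lambda: src.recv(4096), b""):
            dst.sendall(data)
    with suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def _relay(client, guest_addr):
    """Connect to the guest-side port and copy bytes both ways until both sides close."""
    try:
        inner = socket.create_connection(guest_addr)
    except OSError:
        client.close()  # nothing listening on the guest side: drop the connection
        return
    back = threading.Thread(target=_pump, args=(inner, client), daemon=True)
    back.start()
    _pump(client, inner)
    back.join()
    client.close()
    inner.close()

def start_tunnel(mapping, guest_host="127.0.0.1", bind_host="127.0.0.1"):
    """Listener per host port (0 = any free port); returns ({bound_port: guest_port}, stop)."""
    def accept_loop(ls, guest_addr):
        while True:
            try:
                client, _ = ls.accept()
            except OSError:
                return  # listener shut down by stop()
            threading.Thread(target=_relay, args=(client, guest_addr), daemon=True).start()

    listeners, bound = [], {}
    for host_port, guest_port in mapping.items():
        ls = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        ls.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        ls.bind((bind_host, host_port))  # above 1023 (or 0): no root needed
        ls.listen(16)
        bound[ls.getsockname()[1]] = guest_port
        listeners.append(ls)
        threading.Thread(target=accept_loop, args=(ls, (guest_host, guest_port)),
                         daemon=True).start()

    def stop():
        for ls in listeners:
            with suppress(OSError):
                ls.shutdown(socket.SHUT_RDWR)  # wakes a blocked accept()
            ls.close()
    return bound, stop

def loopback_selftest(payload=b"GET / HTTP/1.0\r\n\r\n"):
    """Echo 'guest' on loopback, tunnel a free host port to it, return the reply to payload."""
    echo = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    echo.bind(("127.0.0.1", 0))
    echo.listen(1)

    def echo_once():
        conn, _ = echo.accept()
        with conn:
            for data in iter(lambda: conn.recv(4096), b""):
                conn.sendall(data)

    threading.Thread(target=echo_once, daemon=True).start()
    bound, stop = start_tunnel({0: echo.getsockname()[1]})
    try:
        with socket.create_connection(("127.0.0.1", next(iter(bound)))) as c:
            c.sendall(payload)
            c.shutdown(socket.SHUT_WR)  # tell the guest side we are done sending
            return b"".join(iter(lambda: c.recv(4096), b""))
    finally:
        stop()
        echo.close()
```

As Jeff notes, this is port forwarding, not general networking: the host side never sees anything but TCP connections to the configured ports, and nothing inside can reach the host network except through a mapping the user spelled out on the command line. The guest leg here is a plain TCP connect to loopback, which is the assumption that would be replaced by the special device in his design.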