d115fc0d58
I case we already opened savefile we want to change ownership of the file to the given user (tcpdump by default), but we shouldn't do so when dumping to stdout is requested. Resolves: #1015767
78 lines
2.8 KiB
Diff
78 lines
2.8 KiB
Diff
diff -up tcpdump-4.4.0/tcpdump.1.in.eperm tcpdump-4.4.0/tcpdump.1.in
|
|
--- tcpdump-4.4.0/tcpdump.1.in.eperm 2013-10-07 15:21:26.795602764 +0200
|
|
+++ tcpdump-4.4.0/tcpdump.1.in 2013-10-07 15:21:26.800602762 +0200
|
|
@@ -221,6 +221,9 @@ have the name specified with the
|
|
flag, with a number after it, starting at 1 and continuing upward.
|
|
The units of \fIfile_size\fP are millions of bytes (1,000,000 bytes,
|
|
not 1,048,576 bytes).
|
|
+
|
|
+Note that when used with \fB\-Z\fR option (enabled by default), privileges
|
|
+are dropped before opening first savefile.
|
|
.TP
|
|
.B \-d
|
|
Dump the compiled packet-matching code in a human readable form to
|
|
@@ -720,7 +723,9 @@ but before opening any savefiles for out
|
|
and the group ID to the primary group of
|
|
.IR user .
|
|
.IP
|
|
-This behavior can also be enabled by default at compile time.
|
|
+This behavior is enabled by default (\fB\-Z tcpdump\fR), and can
|
|
+be disabled by \fB\-Z root\fR.
|
|
+
|
|
.IP "\fI expression\fP"
|
|
.RS
|
|
selects which packets will be dumped.
|
|
diff -up tcpdump-4.4.0/tcpdump.c.eperm tcpdump-4.4.0/tcpdump.c
|
|
--- tcpdump-4.4.0/tcpdump.c.eperm 2013-03-24 22:49:18.000000000 +0100
|
|
+++ tcpdump-4.4.0/tcpdump.c 2013-10-07 15:22:26.360590143 +0200
|
|
@@ -1426,11 +1426,24 @@ main(int argc, char **argv)
|
|
}
|
|
#endif /* HAVE_CAP_NG_H */
|
|
|
|
- if (getuid() == 0 || geteuid() == 0) {
|
|
- if (username || chroot_dir)
|
|
+ /* If user is running tcpdump as root and wants to write to the savefile,
|
|
+ * we will check if -C is set and if it is, we will drop root
|
|
+ * privileges right away and consequent call to pcap_dump_open()
|
|
+ * will most likely fail for the first file. If -C flag is not set we
|
|
+ * will create file as root then change ownership of file to proper
|
|
+ * user(default tcpdump) and drop root privileges.
|
|
+ */
|
|
+ int chown_flag = 0;
|
|
+
|
|
+ if (WFileName && (getuid() == 0 || geteuid() == 0))
|
|
+ if (Cflag && (username || chroot_dir))
|
|
+ droproot(username, chroot_dir);
|
|
+ else
|
|
+ chown_flag = 1;
|
|
+ else
|
|
+ if ((getuid() == 0 || geteuid() == 0) && (username || chroot_dir))
|
|
droproot(username, chroot_dir);
|
|
|
|
- }
|
|
#endif /* WIN32 */
|
|
|
|
if (pcap_setfilter(pd, &fcode) < 0)
|
|
@@ -1450,6 +1463,21 @@ main(int argc, char **argv)
|
|
MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0);
|
|
|
|
p = pcap_dump_open(pd, dumpinfo.CurrentFileName);
|
|
+
|
|
+ /* Change ownership of file and drop root privileges */
|
|
+ if (chown_flag) {
|
|
+ struct passwd *pwd;
|
|
+
|
|
+ pwd = getpwnam(username);
|
|
+ if (!pwd)
|
|
+ error("Couldn't find user '%s'", username);
|
|
+
|
|
+ if (strcmp(WFileName, "-") && chown(dumpinfo.CurrentFileName, pwd->pw_uid, pwd->pw_gid) < 0)
|
|
+ error("Couldn't change ownership of savefile");
|
|
+
|
|
+ if (username || chroot_dir)
|
|
+ droproot(username, chroot_dir);
|
|
+ }
|
|
#ifdef HAVE_CAP_NG_H
|
|
/* Give up capabilities, clear Effective set */
|
|
capng_clear(CAPNG_EFFECTIVE);
|