|
version 1.1.1.2, 2014/06/15 16:26:43
|
version 1.1.1.3, 2016/10/18 13:16:10
|
|
Line 197 A: Be my guest, but if care about security *at all* yo
|
Line 197 A: Be my guest, but if care about security *at all* yo
|
| That being said, on Linux you can add the CAP_NET_RAW capability to arping |
That being said, on Linux you can add the CAP_NET_RAW capability to arping |
| limiting the damage if arping were to be compromised: |
limiting the damage if arping were to be compromised: |
| sudo setcap cap_net_raw+ep /usr/local/sbin/arping |
sudo setcap cap_net_raw+ep /usr/local/sbin/arping |
| This requires a libnet which does not explicitly check for uid 0. The | This requires a libnet 1.1.5 or higher, which does not explicitly check for |
| current version of libnet does check this, so unless you patch it it will | uid 0. |
| not help. | |
| |
|
| Patch: | For older versions of Libnet: |
| http://github.com/ThomasHabets/libnet/commit/aaa383b5c816107082508b7646929a9479b81645 |
http://github.com/ThomasHabets/libnet/commit/aaa383b5c816107082508b7646929a9479b81645 |
| --- |
--- |
| Q: What's this -A switch all about, I don't understand it. |
Q: What's this -A switch all about, I don't understand it. |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to README CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / arping