You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To listen network interface, tcpflow requires to be run using the root privileges. Therefore the output files are also owned by root and cannot be accessed by non-privileged users. The idea is to have the same behavior as tcpdump.
-Z user
--relinquish-privileges=user
If tcpdump is running as root, after opening the capture device or input savefile, but before opening any savefiles for output, change the user ID to user and the group ID to the primary group of user.
I propose to implement the same command line option to tcpflow in the next months. I will submit a pull request.
Unfortunately option -Z is already used to disable GZip decompression of HTTP content (scan_http).
I propose to replace option -Z by -S decompress=fasle (default value is -S decompress=true).
This is the way to pass parameters to scanners (by the option -S).
Sadly, we cannot change an existing command line option, we can only create new ones. The application already has code to drop SUID; we will add the code to change the userid.
To listen network interface, tcpflow requires to be run using the root privileges. Therefore the output files are also owned by root and cannot be accessed by non-privileged users. The idea is to have the same behavior as tcpdump.
tcpdump provides the following command line option:
I propose to implement the same command line option to tcpflow in the next months. I will submit a pull request.
For curiosity, the corresponding tcpdump source code is in the function
droproot()
. See https://github.com/the-tcpdump-group/tcpdump/blob/master/tcpdump.c#L611 . Below is a very simplified extract:The text was updated successfully, but these errors were encountered: