Date: Mon, 22 Apr 2002 23:24:15 -0700 From: "Crist J. Clark" <cjc@FreeBSD.ORG> To: Doug White <dwhite@resnet.uoregon.edu> Cc: Lyndon Nerenberg <lyndon@orthanc.ab.ca>, freebsd-current@FreeBSD.ORG Subject: Re: Adding a 'bpf' group for /dev/bpf* Message-ID: <20020422232415.C84809@blossom.cjclark.org> In-Reply-To: <20020422111600.G5217-100000@resnet.uoregon.edu>; from dwhite@resnet.uoregon.edu on Mon, Apr 22, 2002 at 11:16:58AM -0700 References: <200204202139.g3KLdEJ80591@orthanc.ab.ca> <20020422111600.G5217-100000@resnet.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 22, 2002 at 11:16:58AM -0700, Doug White wrote:
> On Sat, 20 Apr 2002, Lyndon Nerenberg wrote:
>
> > For the benefit of packet sniffers and other things that only want
> > read-only access to /dev/bpf*, what do people think of adding a 'bpf'
> > group for those programs? This allows bpf devices to be read by
> > programs running with an effective gid of 'bpf' instead of the current
> > requirement for an effective user of root. I've been running this way
> > on many of our servers for several months now, and things like snort,
> > tcpdump, etc., are quite happy with it (under stable).
>
> There's the other small problem that you have to be root to set
> promiscuous mode.
Nope. Just read access to bpf(4).
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020422232415.C84809>