Re: fping & systrace

From: Ted Unangst (ted.unangstgmail.com)
Date: Fri Sep 01 2006 - 14:21:38 CDT


On 9/1/06, Julien TOUCHE <julien.touchelycos.com> wrote:
> i want to use fping with nrpe/nagios. as security doc of OpenBSD
> state, i want to use systrace privilege elevation but ...
>
> $ sudo /bin/systrace -a -c 556:556 /usr/local/sbin/fping localhost
> This program can only be run by root, or it must be setuid root.
> $ sudo /bin/systrace -a /usr/local/sbin/fping -qc 5 localhost
> localhost : xmt/rcv/%loss = 5/5/0%, min/avg/max = 0.71/1.07/1.92
>
> seems fping runs a root check which cannot be overcome by a switch (at
> least in man)
> even if the policy of fping is with "as root" for everything it can't
> run ...
> anything beyond editing the code ?

tried setting the policy to have getuid return an error of 0?
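
The thread turns on a uid check that runs before any system call a systrace policy could elevate. The C sketch below is an added example, not code from either poster or from fping: it sets that kind of gate beside the alternative of attempting the raw-socket open and then dropping privileges. The function names and the shape of the uid check are assumptions, since fping's source is not shown in the thread.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumed shape of the check behind the error message in the post:
 * refuse to start unless the effective uid is 0. Under
 * "systrace -c 556:556" this fails before any system call that the
 * policy could elevate is attempted. */
int uid_gate(uid_t euid) {
    return euid == 0 ? 0 : -1;
}

/* Alternative: attempt the one privileged operation and report errno.
 * Succeeds if the caller is root, setuid root, or the call was elevated. */
int open_icmp_socket(int *err) {
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    *err = (fd < 0) ? errno : 0;
    return fd;
}

/* Give up any setuid/setgid identity once the socket exists.
 * Returns 0 only if effective ids now equal real ids. */
int drop_privileges(void) {
    if (setgid(getgid()) != 0 || setuid(getuid()) != 0)
        return -1;
    return (geteuid() == getuid() && getegid() == getgid()) ? 0 : -1;
}

int main(void) {
    int err;
    int fd = open_icmp_socket(&err);
    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges\n");
        return 3;
    }
    printf("uid gate: %s\n", uid_gate(geteuid()) == 0 ? "pass" : "refuse");
    if (fd < 0) {
        fprintf(stderr, "raw ICMP socket: %s\n", strerror(err));
        return 3;
    }
    printf("raw ICMP socket opened as uid %d\n", (int)getuid());
    close(fd);
    return 0;
}
```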