[BusyBox] Traceroute question

Rob Landley rob at landley.net
Thu Aug 4 09:28:47 UTC 2005


On Tuesday 02 August 2005 16:18, Jason Schoon wrote:
> A bit of a silly, esoteric question.
>
> Is there any way for the busybox implementation of traceroute to be of
> use to a non-superuser?  It appears to me that in all cases this
> implementation will use a raw socket, making it not accessible to
> ordinary users.

Is there an easy way to manually set the hop count in the packet header 
without the ability to use raw sockets?

Traceroute started life as a clever hack that tricked information out of the 
net that the net was never really designed to provide.  The amazing part 
about it was that it worked.  To do its thing, it has to create synthetic 
packets with attributes that do not exist in nature, and in any sane security 
environment that requires root access (or capabilities, which nobody ever 
uses because when you hand somebody the entire keyring you know you have to 
keep an eye on them, but the only reason to hand people individual keys is so 
you can hope you _don't_ have to keep so close an eye on them, which never 
works.  It's just so much easier to work with "this is dangerous" vs 8 
gazillion simultaneous variants "this is sort of dangerous but only in 
certain circumstances"...)

> If this were the case, I would think the default installation in
> busybox should default to /usr/sbin, rather than /usr/bin.

By that logic, anything with the suid bit (ping, su, mount, umount, passwd...) 
should be in sbin as well, which means they wouldn't be in the path for 
anybody who wasn't logged in as root, which kind of defeats the purpose of 
having the suid bit on them in the first place, doesn't it?  (It's not like 
root needs it...)

Rob



More information about the busybox mailing list