[BusyBox] Traceroute question
Rob Landley
rob at landley.net
Thu Aug 4 09:28:47 UTC 2005
On Tuesday 02 August 2005 16:18, Jason Schoon wrote:
> A bit of a silly, esoteric question.
>
> Is there any way for the busybox implementation of traceroute to be of
> use to a non-superuser? It appears to me that in all cases this
> implementation will use a raw socket, making it not accessible to
> ordinary users.
Is there an easy way to manually set the hop count in the packet header
without the ability to use raw sockets?
Traceroute started life as a clever hack that tricked information out of the
net that the net was never really designed to provide. The amazing part
about it was that it worked. To do its thing, it has to create synthetic
packets with attributes that do not exist in nature, and in any sane security
environment that requires root access (or capabilities, which nobody ever
uses because when you hand somebody the entire keyring you know you have to
keep an eye on them, but the only reason to hand people individual keys is so
you can hope you _don't_ have to keep so close an eye on them, which never
works. It's just so much easier to work with "this is dangerous" vs 8
gazillion simultaneous variants "this is sort of dangerous but only in
certain circumstances"...)
> If this were the case, I would think the default installation in
> busybox should default to /usr/sbin, rather than /usr/bin.
By that logic, anything with the suid bit (ping, su, mount, umount, passwd...)
should be in sbin as well, which means they wouldn't be in the path for
anybody who wasn't logged in as root, which kind of defeats the purpose of
having the suid bit on them in the first place, doesn't it? (It's not like
root needs it...)
Rob
More information about the busybox
mailing list