[PATCH] ping: try SOCK_DGRAM if no root privileges

Denys Vlasenko vda.linux at googlemail.com
Thu Jan 9 10:52:48 UTC 2014


On Mon, Jan 6, 2014 at 5:03 PM, John Spencer
<maillist-busybox at barfooze.de> wrote:
> i've been able to get the SOCK_DGRAM stuff to work with a little help of
> Vasily, author of the kernel patch.
>
> see attached proof-of-concept patch.
> i'm aware that it doesnt use xbind() and other busybox replacement funcs.
> getting it into a more busybox-ish shape is something i leave as a task for
> someone more familiar with the busybox internals.
>
> note that i didn't test if the added getsockopt calls are strictly needed, i
> added them because they were in the original iputils patch.
>
> in general the following differences exist between SOCK_RAW and SOCK_DGRAM
> handling:
>
> 1) the received packet is a raw icmp packet, not an IP one, so it lacks the
> header and is shorter.
> 2) the ident (myid) of the packet is sin(6)_port of the sockaddr struct
> after doing a bind() and getsockname() on the dgram socket.
>
> the patch works for both "fancy" ping(6), and "non-fancy" ping(6) (the
> latter just sends one packet and displays whether it was successful or not,
> without further info).

This seems to lead to a significantly larger code.

Making ping suid wasn't such a big problem before, so
why should we have all these complications now?


More information about the busybox mailing list