[PATCH] traceroute: delete the verification of root user
tito
farmatito at tiscali.it
Sat Mar 1 12:38:26 UTC 2025
On Sat, 1 Mar 2025 16:03:17 +0800 (GMT+08:00)
范星宇 <isfanxy at 126.com> wrote:
> Hello,
>
> The attached patch is to delete the judgment of whether it is the root user when using "traceroute -s".When we use "traceroute -s" command as a non-root regular user, a "you must be root" error occurs due to the validation of whether getuid() is equal to 0. Even if CAP_NET_RAW permission is configured by "setcap cap_net_raw+ep /bin/busybox", non-root users cannot use "traceroute -s" as well. We consider that finer grained permission control can be achieved through the capabilities(CAP) mechanism, rather than directly verifying whether it is a root user.Kindly check the patch.
>
>
> ---
> *** 1070,1077 ****
>
>
> #else
>
>
> len_and_sockaddr *source_lsa = xdotted2sockaddr(source, 0);
>
> #endif
>
> - if (getuid() != 0)
>
> - bb_simple_error_msg_and_die(bb_msg_you_must_be_root);
>
> /* Ping4 does this (why?) */
>
> if (af == AF_INET)
>
> if (setsockopt(sndsock, IPPROTO_IP, IP_MULTICAST_IF,
>
> --- 1070,1075 ----
>
>
> Thanks & Regards,
> Xingyu Fan
>
>
> | |
> 范星宇
> |
> |
> isfanxy at 126.com
> |
Hi,
couldn't you check if the capability is available?
Busybox has some facilities for that in libbb/capability.c.
Take a look at it , hope this helps.
Ciao,
Tito
More information about the busybox
mailing list