Remove inetutils from LFS [was Re: GCC-4.0.1]

Bryan Kadzban bryan at kadzban.is-a-geek.net
Mon Aug 22 09:39:29 PDT 2005


On Mon, Aug 22, 2005 at 12:03:49PM -0400, Jason Gurtz wrote:
> On 8/21/2005 10:54, Matthew Burgess wrote:
> 
> > ping.c:63 - "This program has to run SUID to ROOT to access the ICMP 
> > socket."
> 
> That's crazy.  Normal pings shouldn't require root.

IIRC, the standard kernel socket interface simply has no way to send any
kind of ICMP packet (echo-request included).  Therefore, you need to
open a raw socket, and write the headers yourself.

To create a socket using PF_PACKET and SOCKTYPE_RAW (which I believe is
the only way to send ICMP), you must be root.  The socket() call will
fail if you aren't root, and you pass those flags.  It may be possible
to use PF_PACKET and SOCKTYPE_DGRAM, but I don't know for sure.  (That
may require the caller to be root also).

This isn't a requirement of the ping program.  It's a requirement of the
kernel.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-dev/attachments/20050822/67c46553/attachment.sig>


More information about the lfs-dev mailing list