* Listen root only
From: Chuck Hast @ 2005-07-16 1:02 UTC (permalink / raw)
To: linux-hams
Folks,
I am trying to get listen to be viewable by other users than root. I have
checked the permissions on listen and all appears OK, but when I
try to run it as a common user, I get a failure.
Here is the error message:
kp4djt@fpac-dev:~$ listen
socket: Operation not permitted
kp4djt@fpac-dev:~$
If I do a strace, here is what I get. All above the top of the capture appears
the same as the strace under root:
read(3, "", 4096) = 0
close(3) = 0
munmap(0x40018000, 4096) = 0
close(4) = 0
socket(PF_PACKET, SOCK_PACKET, 512) = -1 EPERM (Operation not permitted)
dup(2) = 3
fcntl64(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat64(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(3, 1), ...}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE, {B38400 opost isig icanon echo ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x40018000
_llseek(3, 0, 0xbffff580, SEEK_CUR) = -1 ESPIPE (Illegal seek)
write(3, "socket: Operation not permitted\n", 32socket: Operation not permitted
) = 32
close(3) = 0
munmap(0x40018000, 4096) = 0
exit_group(1) = ?
kp4djt@fpac-dev:~$
The problem appears to be with the socket part, but I am not sure how to
deal with it.
--
Chuck Hast
To paraphrase my flight instructor;
"the only dumb question is the one you DID NOT ask resulting in my going
out and having to identify your bits and pieces in the midst of torn
and twisted metal."
* Re: Listen root only
From: Hamish Moffatt @ 2005-07-16 2:16 UTC (permalink / raw)
To: linux-hams
On Fri, Jul 15, 2005 at 09:02:41PM -0400, Chuck Hast wrote:
> Folks,
> I am trying to get listen to be viewable by other users than root. I have
> checked the permissions on listen and all appears OK, but when I
> try to run it as a common user, I get a failure.
Define OK?
> Here is the error message:
> kp4djt@fpac-dev:~$ listen
> socket: Operation not permitted
> kp4djt@fpac-dev:~$
listen needs to open a socket to receive all traffic (like packet
sniffing on ethernet), which only root can do. So listen must be either
run by root, or run as root using setuid.
Hamish
--
Hamish Moffatt VK3SB <hamish@debian.org> <hamish@cloud.net.au>
* Re: Listen root only
From: Chuck Hast @ 2005-07-16 2:40 UTC (permalink / raw)
To: linux-hams
On 7/15/05, Hamish Moffatt <hamish@cloud.net.au> wrote:
> On Fri, Jul 15, 2005 at 09:02:41PM -0400, Chuck Hast wrote:
> > Folks,
> > I am trying to get listen to be viewable by other users than root. I have
> > checked the permissions on listen and all appears OK, but when I
> > try to run it as a common user, I get a failure.
>
> Define OK?
>
> > Here is the error message:
> > kp4djt@fpac-dev:~$ listen
> > socket: Operation not permitted
> > kp4djt@fpac-dev:~$
>
> listen needs to open a socket to receive all traffic (like packet
> sniffing on ethernet), which only root can do. So listen must be either
> run by root, or run as root using setuid.
>
setuid took care of it.
Actually what I am trying to do is have it run as a shell, so that when I
log into listen I get the listen application. I have that working, but without
the arguments. Now I have to figure out how to handle that so I can get
the color screen of the different frame types.
--
Chuck Hast
To paraphrase my flight instructor;
"the only dumb question is the one you DID NOT ask resulting in my going
out and having to identify your bits and pieces in the midst of torn
and twisted metal."
* Re: Listen root only
From: Chuck Hemker @ 2005-07-16 4:32 UTC (permalink / raw)
Cc: linux-hams
On Sat, 16 Jul 2005 12:16:52 +1000
Hamish Moffatt <hamish@cloud.net.au> said:
> listen needs to open a socket to receive all traffic (like packet
> sniffing on ethernet), which only root can do. So listen must be
> either run by root, or run as root using setuid.
I understand the logic that only root can sniff packets and such.
However with several protocols not using connected packets (aprs,
satellites, bouncing packets off the ISS, etc) it seems to me to
possibly cause more security problems than it solves. It seems like
things that would use UDP in the TCP/IP world end up having to run as
root with its related problems.
I just wish there was a better way.
* Re: Listen root only
From: Curt Mills @ 2005-07-16 15:50 UTC (permalink / raw)
To: Chuck Hemker; +Cc: linux-hams
On Sat, 16 Jul 2005, Chuck Hemker wrote:
> On Sat, 16 Jul 2005 12:16:52 +1000
> Hamish Moffatt <hamish@cloud.net.au> said:
>
> > listen needs to open a socket to receive all traffic (like packet
> > sniffing on ethernet), which only root can do. So listen must be
> > either run by root, or run as root using setuid.
>
> I understand the logic that only root can sniff packets and such.
>
> However with several protocols not using connected packets (aprs,
> satellites, bouncing packets off the ISS, etc) it seems to me to
> possibly cause more security problems than it solves. It seems like
> things that would use UDP in the TCP/IP world end up having to run as
> root with its related problems.
>
> I just wish there was a better way.
sudo?
I do my Xastir build/install scripts using sudo so that I don't
constantly have to switch between a normal user and root. I'd think
a quick edit of the /etc/sudoers file would solve this "listen"
problem nicely for your users. In that case a normal user could run
it but it would run with root privileges. Then again, I suppose
SUID-root will give that same capability. Perhaps there are some
other advantages here (like logging who runs each command) that sudo
would give you.
As to how to solve the general problem discussed, I haven't a clue.
I can't see a way around it. In Xastir we have the users install
SUID-root so that we can open AX.25 ports, but we drop privileges
in the code except for those short instances where we need the root
privileges. It's still a security concern, but less so that way.
--
Curt, WE7U. archer at eskimo dot com
http://www.eskimo.com/~archer
Lotto: A tax on people who are bad at math. - unknown
Windows: Microsoft's tax on computer illiterates. - WE7U.
The world DOES revolve around me: I picked the coordinate system!"
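The pattern Hamish and Curt describe (install SUID-root, open the privileged socket, then drop root before doing anything else), as an added example in C that is not code from listen, Xastir, or anyone on this thread. It assumes Linux with glibc; the function names are mine, and the socket is opened with SOCK_RAW, the current form of the SOCK_PACKET call seen in the strace above.

```c
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <grp.h>
#include <linux/if_ether.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Step 1 (still root): open the sniffing socket, the PF_PACKET call that
 * failed with EPERM above. Returns the fd, or -1 with errno set. */
int open_sniff_socket(void)
{
    return socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
}

/* Step 2: give up root for good, keeping only the real uid/gid of the user
 * who ran the SUID binary. Groups and gid go first: once the uid is no
 * longer 0 the process may not change its gid any more. Returns 0 or -1. */
int drop_privileges(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* setres*id set real, effective AND saved ids, so no saved uid 0 is
     * left to switch back to (a plain seteuid() would leave one). */
    if (setresgid(gid, gid, gid) != 0 || setresuid(uid, uid, uid) != 0)
        return -1;
    return 0;
}

/* Step 3: prove the drop is irreversible: returns 1 only if we are not
 * root and an attempt to become uid 0 again is refused. */
int privileges_dropped(void)
{
    return geteuid() != 0 && setuid(0) == -1 && errno == EPERM;
}

int main(void)
{
    int fd = open_sniff_socket();      /* needs root (CAP_NET_RAW) */
    if (fd < 0) perror("socket");
    if (drop_privileges() != 0 || (getuid() != 0 && !privileges_dropped())) {
        fprintf(stderr, "could not drop privileges, refusing to run\n");
        return 1;
    }
    printf("fd %d stays usable; now running as uid %d\n", fd, (int)getuid());
    return fd >= 0 ? close(fd) : 1;
}
```

On kernels with file capabilities (added to Linux after this thread), `setcap cap_net_raw+ep` on the binary grants only the raw-socket right without making it SUID-root, so there is no root to drop in the first place.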
* Re: Listen root only
From: Jim Bayer @ 2005-07-16 22:36 UTC (permalink / raw)
To: Curt Mills; +Cc: Chuck Hemker, linux-hams
On 7/16/05, Curt Mills <archer@eskimo.com> wrote:
> On Sat, 16 Jul 2005, Chuck Hemker wrote:
>
> > On Sat, 16 Jul 2005 12:16:52 +1000
> > Hamish Moffatt <hamish@cloud.net.au> said:
> >
> > > listen needs to open a socket to receive all traffic (like packet
> > > sniffing on ethernet), which only root can do. So listen must be
> > > either run by root, or run as root using setuid.
> >
> > I understand the logic that only root can sniff packets and such.
> >
> > However with several protocols not using connected packets (aprs,
> > satellites, bouncing packets off the ISS, etc) it seems to me to
> > possibly cause more security problems than it solves. It seems like
> > things that would use UDP in the TCP/IP world end up having to run as
> > root with its related problems.
> >
> > I just wish there was a better way.
>
> sudo?
>
> I do my Xastir build/install scripts using sudo so that I don't
> constantly have to switch between a normal user and root. I'd think
> a quick edit of the /etc/sudoers file would solve this "listen"
> problem nicely for your users. In that case a normal user could run
> it but it would run with root privileges. Then again, I suppose
> SUID-root will give that same capability. Perhaps there are some
> other advantages here (like logging who runs each command) that sudo
> would give you.
>
> As to how to solve the general problem discussed, I haven't a clue.
> I can't see a way around it. In Xastir we have the users install
> SUID-root so that we can open AX.25 ports, but we drop privileges
> in the code except for those short instances where we need the root
> privileges. It's still a security concern, but less so that way.
>
> --
> Curt, WE7U. archer at eskimo dot com
> http://www.eskimo.com/~archer
> Lotto: A tax on people who are bad at math. - unknown
> Windows: Microsoft's tax on computer illiterates. - WE7U.
> The world DOES revolve around me: I picked the coordinate system!"
And to add another benefit of sudo...
You (root) have to grant rights to programs, either by group or
individually, in the sudoers file. You can sudo as any valid user,
not just root. Also every sudo command is logged in /var/log/secure
or /var/log/messages depending on your /etc/syslog.conf directives.
I really like sudo, but if you fork too many levels, I've had problems
with inheritance of privileges.
--
'73'
Jim - KC9AOP
* Re: Listen root only
From: Hamish Moffatt @ 2005-07-17 14:02 UTC (permalink / raw)
To: linux-hams
On Sat, Jul 16, 2005 at 08:50:41AM -0700, Curt Mills wrote:
> As to how to solve the general problem discussed, I haven't a clue.
> I can't see a way around it. In Xastir we have the users install
> SUID-root so that we can open AX.25 ports, but we drop privileges
> in the code except for those short instances where we need the root
> privileges. It's still a security concern, but less so that way.
I expect that the kernel could be changed to allow any user to open the
relevant type of socket. I don't know whether the kernel maintainers
would accept this solution though.
Hamish
--
Hamish Moffatt VK3SB <hamish@debian.org> <hamish@cloud.net.au>