ping drops its permissions as soon as it gets a raw socket open -- that's all it needs them for. If /etc/resolv.conf is set to rw-r----- root.dialout /etc/resolv.conf then that would nicely account for everything. By the time ping gets around to looking up the host name, it no longer has the privileges to read /etc/resolv.conf. --Steve Augart -----Original Message----- From: Steffen Dettmer [mailto:steffen@dett.de] Sent: Wednesday, October 16, 2002 2:27 AM -0700 (California time) To: SuSE Security Mailingliste Subject: Re: [suse-security] network privileges of user nobody??? how to configure??? Maybe some permissions are screwed up. I could imagine such effects when having a /etc/resolv.conf readable for dialout only. Well, my PING (SuSE 7.0 I believe) isn't dropping it's UID0, so you would probably need a "---r-----" root.dialout /etc/resolv.conf or such. Ohh, and please send the strace to me (PM) and not to the list!