Cristian Rodríguez wrote:
El 28/01/14 10:02, James Knott escribió:
Don't cut essential tools without providing a superior replacement. Things like traceroute and ping are essential for troubleshooting network problems.
"traceroute" is provided nowadays by a separate package, not net-tools. properly named "traceroute" [doh] it is what the rest of the world also uses.
"ping" could be reimplemented to use the kernel's "ping" sockets (socket(PF_INET, SOCK_DGRAM, IPPROTO_ICMP) ...) instead of the old setuid/capability ways.. unfortunately the kernel has a barking mad restriction in this socket type which means that by default, not even root can use it. (go figure...)
Interesting feature. I'd love to get rid of the special privilege ping. The permissions check via group and sysctl setting is kind of silly though. http://openwall.info/wiki/people/segoon/ping http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3... cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org