libnet [PSARC/2008/409 FastTrack timeout 07/03/2008]
Daria Mehra
Daria.Mehra at sun.com
Wed Jul 2 20:32:55 PDT 2008
Darren J Moffat wrote:
> Daria Mehra wrote:
>>> Will the documentation be updated to mention what authroisations
>>> within OpenSolaris are required to use this application?
>>
>> Darren Moffat's comment addressed this. If you are asking about
>> privileges, an application using libnet will need to run as root.
>> This can be included in libnet's main manpage, if desired. If this
>> doesn't answer your question, please clarify.
>
> Acutally "root" is the wrong answer. The correct answer is one or
> more explicitly listed privileges (or privilege sets such as all). I
> don't want to see "root" listed on the man page because that is wrong.
>
> Depending on what it is that libnet allows the user to do the answer
> is probably something like sys_net_config or net_rawaccess or maybe it
> varies depending on the device and which libnet interface. However
> "root" is most certainly not the answer.
>
Ok now I understand that the question was about privileges in the
Solaris RBAC model (another new area for yours truly). From what I can
tell, the necessary privileges depend on what the application is doing
with libnet and may include sys_net_config, net_rawaccess,
net_icmpaccess. I do not believe the entire "all" set is needed. I
derived this by using privdebug.pl script on sample applications
supplied with libnet.
-- daria
More information about the opensolaris-arc
mailing list