| 1 |
Hi! |
| 2 |
|
| 3 |
On Sat, Jan 28, 2012 at 03:50:22AM +0200, Alex Efros wrote: |
| 4 |
> #0 0xb749f152 in __readdir64 (dirp=0x0) at ../sysdeps/unix/readdir.c:45 |
| 5 |
> dp = <optimized out> |
| 6 |
> saved_errno = <optimized out> |
| 7 |
> #1 0xb759d7ea in scan_sys_class_net (devlistp=0xbfffe488, |
| 8 |
> errbuf=0xbfffe4dc "tun0: You don't have permission to capture on that device (socket: Operation not permitted)") at ./pcap-linux.c:1832 |
| 9 |
> sys_class_net_d = 0x0 |
| 10 |
|
| 11 |
Ok, I'm not a C developer (you see, I don't even know how to use gdb), but |
| 12 |
with so much information even I see what's the problem is: |
| 13 |
|
| 14 |
in libpcap-1.1.1-r1: |
| 15 |
pcap-linux.c:1816: |
| 16 |
|
| 17 |
sys_class_net_d = opendir("/sys/class/net"); |
| 18 |
if (sys_class_net_d == NULL && errno == ENOENT) |
| 19 |
return (0); |
| 20 |
... |
| 21 |
for (;;) { |
| 22 |
errno = 0; |
| 23 |
ent = readdir(sys_class_net_d); |
| 24 |
|
| 25 |
the second line with if looks just plain wrong. Moreover, as far as I see, |
| 26 |
in libpcap-1.2.1 they've already fixed this: |
| 27 |
pcap-linux.c:1949: |
| 28 |
|
| 29 |
sys_class_net_d = opendir("/sys/class/net"); |
| 30 |
if (sys_class_net_d == NULL) { |
| 31 |
if (errno == ENOENT) |
| 32 |
return (0); |
| 33 |
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE, |
| 34 |
"Can't open /sys/class/net: %s", pcap_strerror(errno)); |
| 35 |
return (-1); |
| 36 |
} |
| 37 |
|
| 38 |
So, I'm going to upgrade libpcap to latest ~x86 version and see is this |
| 39 |
really fix this bug… Okay, here it is: |
| 40 |
|
| 41 |
$ dumpcap |
| 42 |
dumpcap: Can't get list of interfaces: Can't open /sys/class/net: Permission denied |
| 43 |
|
| 44 |
So, wireshark still doesn't work on hardened under non-root, but doesn't |
| 45 |
crash anymore, that's a big progress. |
| 46 |
|
| 47 |
-- |
| 48 |
WBR, Alex. |
Archives