If we don't have libcap, relinquish special privileges just after

opening the capture device. That somewhat fixes bug 2273, although the second and subsequent files don't have the right group ownership, probably because of the problem described in the comment before relinquish_special_privs_perm(). We should also relinquish special privileges *before* trying to open the capture pipe, so that we can't open a pipe to which the real user doesn't have access. svn path=/trunk/; revision=24347
author: Guy Harris <guy@alum.mit.edu> 2008-02-16 03:18:36 +0000
committer: Guy Harris <guy@alum.mit.edu> 2008-02-16 03:18:36 +0000
commit: 95f3802ae9684879effa7f57b749e54a87940ee2 (patch)
tree: d886c333c952b1f7c9846cbd0fce2738146eddcb /dumpcap.c
parent: 4aac1e2c0b3f202b1355595b8c2eec1f1dac004b (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/dumpcap.c b/dumpcap.c
index 3f048d845b..56fe00d799 100644
--- a/dumpcap.c
+++ b/dumpcap.c
@@ -82,9 +82,7 @@
 #include "epan/unicode-utils.h"
 #endif
 
-#ifdef HAVE_LIBCAP
 #include "epan/privileges.h"
-#endif
 
 #include "sync_pipe.h"
 
@@ -1077,6 +1075,10 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld,
 		       open_err_str);
 #endif
 
+#ifndef HAVE_LIBCAP
+  relinquish_special_privs_perm();
+#endif
+
   if (ld->pcap_h != NULL) {
     /* we've opened "iface" as a network device */
 #ifdef _WIN32
@@ -2245,8 +2247,8 @@ main(int argc, char *argv[])
     sigaction(SIGHUP, &action, NULL);
 #endif  /* _WIN32 */
 
-#ifdef HAVE_LIBCAP
   get_credential_info();
+#ifdef HAVE_LIBCAP
   relinquish_privs_except_capture();
 #endif
author	Guy Harris <guy@alum.mit.edu>	2008-02-16 03:18:36 +0000
committer	Guy Harris <guy@alum.mit.edu>	2008-02-16 03:18:36 +0000
commit	95f3802ae9684879effa7f57b749e54a87940ee2 (patch)
tree	d886c333c952b1f7c9846cbd0fce2738146eddcb /dumpcap.c
parent	4aac1e2c0b3f202b1355595b8c2eec1f1dac004b (diff)