Re: Who changes /bin/ping on my system ?
On Wed 05 Mar 2014 at 09:29:18 +1100, Scott Ferguson wrote:
> > On 04/03/14 19:16, Tim Ruehsen wrote:
> >> Setting up iputils-ping (3:20121221-5) ...
> >> Setcap worked! *Ping(6) is not suid!*
>
> The above line, emphasis mine, is what prompted second thoughts.
> Perhaps one of the changes between the version you are running and mine
> is that ping is no longer meant to run suid?
In unstable iputils-ping recommends libcap2-bin, which has setcap. From
the postinst:
# If we have setcap is installed, try setting cap_net_raw+ep,
# which allows us to install our binaries without the setuid
# bit.
Also:
root@desktop:~# apt-get install iputils-ping --no-install-recommends
Reading package lists... Done
Building dependency tree
Reading state information... Done
Recommended packages:
libcap2-bin
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 170 not upgraded.
Need to get 0 B/54.2 kB of archives.
After this operation, 112 kB of additional disk space will be used.
Selecting previously unselected package iputils-ping.
(Reading database ... 45120 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20121221-5_i386.deb ...
Unpacking iputils-ping (3:20121221-5) ...
Processing triggers for man-db (2.6.5-3) ...
Setting up iputils-ping (3:20121221-5) ...
Setcap is not installed, falling back to setuid
Reply to: