Solaris privileges to use pinger w/o setuid-root

From: Frank Fegert <fra.nospam.nk@dont-contact.us>
Date: Thu, 24 Jan 2008 19:41:25 +0100

Hi all,

i did a quick hack and patched Solaris privileges support into pinger.c
from squid-2.6.STABLE18. This should allow to run pinger w/o setuid-root,
while still being able to access ICMP-sockets. The $SQUID_USER gets the
additional PRIV_NET_ICMPACCESS rights via:
  /usr/sbin/usermod -K defaultpriv=basic,net_icmpaccess $SQUID_USER

While probably not so interesting for the general public, could someone
with a bit more squid-code knowledge than me take a look at the patch?
I just want to make sure i didn't inadvertedly break something else ;-)

Thanks,

        Frank

Received on Thu Jan 24 2008 - 11:41:36 MST

This archive was generated by hypermail pre-2.1.9 : Wed Jan 30 2008 - 12:00:09 MST