trying to get rid of "sudo", I've set setuid for "root" user on dumpcap. (SLES 10.3)

It's working fine with regard to capturing. However, the TMPDIR variable is ignored.

Is this a security feature? Does somebody know, how to circumvent this?

Best regards Philipp

asked 23 Feb '11, 05:25

pvh's gravatar image

accept rate: 0%

edited 23 Feb '11, 05:26

This is, apparently, a glibc feature. See:




Oh, and I can't think of a way to avoid it.

[Update] Don't forget to drop by and Accept this answer if it answered your question.


answered 29 Feb '12, 07:43

JeffMorriss's gravatar image

JeffMorriss ♦
accept rate: 25%

edited 09 Mar '12, 06:59

In fact, it's probably a feature of many UN\*Xes other than Linux distributions with glibc; environment variables are often ignored by programs and library routines when running set-UID, as they can be maliciously set in an attempt to trick the set-UID program into reading from or writing to files to which the user shouldn't be given access.

And, as such, there is no way to disable that feature. See, however, the Wireshark Wiki page on capture privileges for some information on how to give dumpcap sufficient privileges.

(29 Feb '12, 23:45) Guy Harris ♦♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: 23 Feb '11, 05:25

Seen: 2,032 times

Last updated: 09 Mar '12, 06:59

p​o​w​e​r​e​d by O​S​Q​A