This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

TMPDIR ignored when setuid for dumpcap

0

Hi,

trying to get rid of "sudo", I've set setuid for "root" user on dumpcap. (SLES 10.3)

It's working fine with regard to capturing. However, the TMPDIR variable is ignored.

Is this a security feature? Does somebody know, how to circumvent this?

Best regards Philipp

asked 23 Feb '11, 05:25

pvh's gravatar image

pvh
1112
accept rate: 0%

edited 23 Feb '11, 05:26


One Answer:

0

This is, apparently, a glibc feature. See:

https://bugzilla.redhat.com/show_bug.cgi?id=129682#c1

and/or:

http://lists.gnu.org/archive/html/bug-glibc/2003-08/msg00076.html

Oh, and I can't think of a way to avoid it.

[Update] Don't forget to drop by and Accept this answer if it answered your question.

answered 29 Feb '12, 07:43

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572
accept rate: 27%

edited 09 Mar '12, 06:59

In fact, it's probably a feature of many UN\*Xes other than Linux distributions with glibc; environment variables are often ignored by programs and library routines when running set-UID, as they can be maliciously set in an attempt to trick the set-UID program into reading from or writing to files to which the user shouldn't be given access.

And, as such, there is no way to disable that feature. See, however, the Wireshark Wiki page on capture privileges for some information on how to give dumpcap sufficient privileges.

(29 Feb '12, 23:45) Guy Harris ♦♦