PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Maybe Weirdan is right but try to "chmod 4755 /bin/ping". I think it is SE Linux problem and I have to check it ... I'll talk to a colleague about SE Linux and suid and post it here if there is something useful
There are 10 types of people in this world, those who understand binary and those who don't
I would suggest you to use sudo and its config file /etc/sudoers instead of using SUID (that is chmod 4755). It would be more secure and additionally you would have more functionality accessible. E.g. instead of:
I would suggest you to use sudo and its config file /etc/sudoers instead of using SUID
ping binary has always been installed with SUID bit set on every *nix system I encountered (otherwise ordinary users would not be able to use it because receiving an icmp packet requires root privileges). Since when it's necessary to use sudo to do pings? I must have missed something.
I would suggest you to use sudo and its config file /etc/sudoers instead of using SUID
ping binary has always been installed with SUID bit set on every *nix system I encountered (otherwise ordinary users would not be able to use it because receiving an icmp packet requires root privileges).
Yeah, I know it is SUIDed by default. That's why I've decided it is a SE Linux problem. Anyway, SUID would always be a security weakness - sudo is a better way to do it ...
Weirdan wrote:Since when it's necessary to use sudo to do pings? I must have missed something.
Yes, you missed something:
VladSun wrote:ping -c2 -f yahoo.com
the "-f" argument insists that you are really root, not just SUID...
There are 10 types of people in this world, those who understand binary and those who don't