vcustomerindia
asked on
Can I use libpcap without root privileges?
We have created an application which sniffs packets from the network. It runs through Java Web Start and uses libjpcap which in turn uses libpcap. This application is being run on Ubuntu 8.10.
The challenge is, when we run the application using root privileges (such as by using sudo), then it works fine and lists the network cards also. However, when we use it as an unprivileged user, then it doesn't display network card information and thus does no sniffing as well.
Wireshark also behaves in the same manner and and it is specifically mentioned in Wireshark's documentation to sniff the packets through root only. However, it would not be possible to make all users run as root in our environment.
Is there any way we can use non-root privileges to do sniffing? Maybe through
* suid?
* allowing full network card access to a group?
* any other packet capturing library which allows this? We need to use it through java only.
We did "ifconfig eth0 promisc" but it doesn't help.
The challenge is, when we run the application using root privileges (such as by using sudo), then it works fine and lists the network cards also. However, when we use it as an unprivileged user, then it doesn't display network card information and thus does no sniffing as well.
Wireshark also behaves in the same manner and and it is specifically mentioned in Wireshark's documentation to sniff the packets through root only. However, it would not be possible to make all users run as root in our environment.
Is there any way we can use non-root privileges to do sniffing? Maybe through
* suid?
* allowing full network card access to a group?
* any other packet capturing library which allows this? We need to use it through java only.
We did "ifconfig eth0 promisc" but it doesn't help.
ASKER
That doesn't solve the purpose. We are calling specific libraries - libjpcap.so from /usr/lib and there's no command being executed.
What I've learnt about sudo is that through sudo you can grant privileges to particular commands. However here we're not using any particular command. Also, we're executing it through java web start and that is through Firefox. So, to enable it we use "sudo firefox" and then it works fine. But for all users it would need to be specially done which we don't want. We just want them to call a URL from whatever browser and they should be able to do it.
I tried giving suid privileges to Sun Java's javaws application but it doesn't execute with suid privileges.
What I've learnt about sudo is that through sudo you can grant privileges to particular commands. However here we're not using any particular command. Also, we're executing it through java web start and that is through Firefox. So, to enable it we use "sudo firefox" and then it works fine. But for all users it would need to be specially done which we don't want. We just want them to call a URL from whatever browser and they should be able to do it.
I tried giving suid privileges to Sun Java's javaws application but it doesn't execute with suid privileges.
so you saing, by putting that user in sudo file , it will not work , even to give him all right with
ALL commmand ??
ALL commmand ??
> Is there any way we can use non-root privileges to do sniffing?
Impossible, until you run it as root (possibly with sudo).
http://www.programmersheaven.com/mb/java_beginners/369515/369515/how-to-get-root-access/?S=B20000
http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1235131597788+28353475&threadId=861877
--[quote]--
"having a look at J2SE SDK release notes, I found:
"Running Java with setuid or setgid
Java requires dynamic loading (SHLIB_PATH, LD_LIBRARY_PATH) which are disabled in setuid or setgid executables. Therefore Java cannot run with setuid or setgid."
=> I understand that having it working until now with the setuid bit was more an unexpected situation!!!
I have installed and configured sudo on my server as a way to replace the use of setuid.?
"
--[quote]--
Impossible, until you run it as root (possibly with sudo).
http://www.programmersheaven.com/mb/java_beginners/369515/369515/how-to-get-root-access/?S=B20000
http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1235131597788+28353475&threadId=861877
--[quote]--
"having a look at J2SE SDK release notes, I found:
"Running Java with setuid or setgid
Java requires dynamic loading (SHLIB_PATH, LD_LIBRARY_PATH) which are disabled in setuid or setgid executables. Therefore Java cannot run with setuid or setgid."
=> I understand that having it working until now with the setuid bit was more an unexpected situation!!!
I have installed and configured sudo on my server as a way to replace the use of setuid.?
"
--[quote]--
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://linux.about.com/od/commands/l/blcmdl5_sudoers.htm
editi visudo file
add the user and allow the user for that comand with full binary path