Re: tcpdump wiggin out?
Re: tcpdump wiggin out?
- Subject: Re: tcpdump wiggin out?
- From: Chilton Webb <email@hidden>
- Date: Sat, 18 Aug 2001 15:55:08 -0500
Good Sir Ivanhoe,
I don't think you can avoid it. tcpDump apparently requires lower-level
access to the OS, and that is only allowed by super user accounts. sudo
is designed for that purpose--to let you do this without having to log
in as root.
Now, you can probably log in a root and it won't require it, but I
wouldn't suggest that, since it (correct me if I'm wrong here guys)
allows all applications access to lower-levels of the OS, which could be
bad if you had any malicious/problematic apps laying around.
From my somewhat limited understanding of this fancy Unix stuff, it
appears that the more power the currently logged in user has, the more
damage can be caused by applications running while that user is logged
in. Under MacOS9, we were 'always root', so to speak. While you may not
do anything stupid to your OS while logged in as root, errant
applications could, which is why running under root is not considered
good standard operating procedure.
Again, it's been a decade since I had any formal education in Unix, and
I thought I'd never see a *nix box again. Funny how circular life is
sometimes. Anyway, I could be wrong, and I suspect (and expect) my
errors will be drawn out and hung by those in the know.
-Chilton
On Saturday, August 18, 2001, at 02:29 PM, Ivan Myrvold wrote:
When I execute tcpdump, I get the message:
tcpdump: /dev/bpf0: Permission denied
This makes it necessary to use sudo tcpdump for the command.
The same happens when I use libpcap to capture packets in my cocoa
application. How can I avoid this?
Ivan