"Michael W. Lucas" <mwlu...@michaelwlucas.com> writes: > Hi,
Hi, > Running the 12/12 snapshot, amd64. > > I'm setting up the looking glass CGI included with httpd. Requests for > ping and traceroute fail. > > Per bgplg(8), I've set mode 4555 on the static binaries: > > ls -lai /var/www/bin/ > total 1844 > 77958 drwxr-xr-x 2 root daemon 512 Dec 11 17:47 . > 77956 drwxr-xr-x 15 root daemon 512 Dec 12 15:35 .. > 77959 -r-xr-xr-x 1 root bin 256240 Dec 8 12:09 bgpctl > 77978 -rwxr-xr-x 1 root bin 273200 Dec 8 15:36 femail > 77960 -r-sr-xr-x 2 root bin 318320 Dec 8 12:09 ping > 77960 -r-sr-xr-x 2 root bin 318320 Dec 8 12:09 ping6 > 77961 -r-sr-xr-x 2 root bin 281168 Dec 8 12:09 traceroute > 77961 -r-sr-xr-x 2 root bin 281168 Dec 8 12:09 traceroute6 > > Ping and traceroute run fine as root. As an unprivileged user, though, > I get: > > ./ping 8.8.8.8 > ping: socket: Permission denied > > $ ./traceroute 8.8.8.8 > traceroute: unable to revoke privs: Operation not permitted > > Any suggestions? Or have I found a bug? Is the partition that holds /var/www/bin mounted "nosuid"? -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
