Re^2: WEB CGI TCPDUMP

Replies are listed 'Best First'.
Re^3: WEB CGI TCPDUMP by Corion (Patriarch) on Jul 16, 2009 at 10:29 UTC
You don't want to change that, seriously. Running any program as `root` is a potential security risk for the machine and other machines in the same network. Running a program that is accessible via the network as `root` is a recipe for certain disaster. Ask your security person or your system administrator about what options are available to you. I'm not exactly sure what benefit running `tcpdump` via CGI over the network has for you over simply running `tcpdump` via a `ssh` login. But if you're convinced that CGI is a must, I recommend having a cron job or daemon program that runs `tcpdump` as root and writes the output to a known, fixed location. Potentially you can submit new jobs to that program by writing a file with the job parameters to a known location where the daemon program picks them up.	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re^3: WEB CGI TCPDUMP
by Corion (Patriarch) on Jul 16, 2009 at 10:29 UTC

You don't want to change that, seriously.

Running any program as root is a potential security risk for the machine and other machines in the same network. Running a program that is accessible via the network as root is a recipe for certain disaster. Ask your security person or your system administrator about what options are available to you.

I'm not exactly sure what benefit running tcpdump via CGI over the network has for you over simply running tcpdump via a ssh login. But if you're convinced that CGI is a must, I recommend having a cron job or daemon program that runs tcpdump as root and writes the output to a known, fixed location. Potentially you can submit new jobs to that program by writing a file with the job parameters to a known location where the daemon program picks them up.

[reply]
[d/l]
[select]