i'm puzzled by something i just tripped over on my fully-updated f31 system ... while mucking around with some networking, i happened to run:
$ ls -l /usr/bin/ping
and was surprised to see it rendered in the colour scheme (yellow letters on red background) normally reserved for setuid executables. i looked closer but saw nothing amiss:
$ ls -l /usr/bin/ping -rwxr-xr-x. 1 root root 83136 Jul 25 13:28 /usr/bin/ping $
running "lsattr" on that executable didn't seem to show anything unusual, and all of the other executables under /usr/bin that are rendered in that colour scheme are, indeed, setuid. am i misunderstanding something really trivial?
rday
On Sat, 4 Jan 2020, Robert P. J. Day wrote:
i'm puzzled by something i just tripped over on my fully-updated f31 system ... while mucking around with some networking, i happened to run:
$ ls -l /usr/bin/ping
and was surprised to see it rendered in the colour scheme (yellow letters on red background) normally reserved for setuid executables. i looked closer but saw nothing amiss:
$ ls -l /usr/bin/ping -rwxr-xr-x. 1 root root 83136 Jul 25 13:28 /usr/bin/ping $
running "lsattr" on that executable didn't seem to show anything unusual, and all of the other executables under /usr/bin that are rendered in that colour scheme are, indeed, setuid. am i misunderstanding something really trivial?
oh, wait, this is a capabilities thing, isn't it?
rday
Robert P. J. Day wrote on 2020/01/04 23:34:
On Sat, 4 Jan 2020, Robert P. J. Day wrote:
i'm puzzled by something i just tripped over on my fully-updated f31 system ... while mucking around with some networking, i happened to run:
$ ls -l /usr/bin/ping
and was surprised to see it rendered in the colour scheme (yellow letters on red background) normally reserved for setuid executables. i looked closer but saw nothing amiss:
$ ls -l /usr/bin/ping -rwxr-xr-x. 1 root root 83136 Jul 25 13:28 /usr/bin/ping $
running "lsattr" on that executable didn't seem to show anything unusual, and all of the other executables under /usr/bin that are rendered in that colour scheme are, indeed, setuid. am i misunderstanding something really trivial?
oh, wait, this is a capabilities thing, isn't it?
Exactly. You can check this by $ getcap /usr/bin/ping
Regards, Mamoru
On Sat, 4 Jan 2020, Mamoru TASAKA wrote:
Robert P. J. Day wrote on 2020/01/04 23:34:
On Sat, 4 Jan 2020, Robert P. J. Day wrote:
i'm puzzled by something i just tripped over on my fully-updated f31 system ... while mucking around with some networking, i happened to run:
$ ls -l /usr/bin/ping
and was surprised to see it rendered in the colour scheme (yellow letters on red background) normally reserved for setuid executables. i looked closer but saw nothing amiss:
$ ls -l /usr/bin/ping -rwxr-xr-x. 1 root root 83136 Jul 25 13:28 /usr/bin/ping $
running "lsattr" on that executable didn't seem to show anything unusual, and all of the other executables under /usr/bin that are rendered in that colour scheme are, indeed, setuid. am i misunderstanding something really trivial?
oh, wait, this is a capabilities thing, isn't it?
Exactly. You can check this by $ getcap /usr/bin/ping
yes, i twigged to that shortly after asking ... i was just thrown that that seems to be the only /usr/bin executable with that property, which confused me.
rday
On Sat, 4 Jan 2020 at 14:47, Robert P. J. Day rpjday@crashcourse.ca wrote:
yes, i twigged to that shortly after asking ... i was just thrown that that seems to be the only /usr/bin executable with that property, which confused me.
I've got a different colour scheme that includes separate colour combinations for SETUID, SETGID, and CAPABILITY.
Just checked my F31 /usr/bin, and the CAPABILITY colour scheme is applied to:
arping clockdiff dumpcap gnome-keyring-daemon newgidmap newuidmap ping
Andy
On Sat, 4 Jan 2020, Andy Blanchard wrote:
On Sat, 4 Jan 2020 at 14:47, Robert P. J. Day rpjday@crashcourse.ca wrote:
yes, i twigged to that shortly after asking ... i was just thrown that that seems to be the only /usr/bin executable with that property, which confused me.
I've got a different colour scheme that includes separate colour combinations for SETUID, SETGID, and CAPABILITY.
Just checked my F31 /usr/bin, and the CAPABILITY colour scheme is applied to:
arping clockdiff dumpcap gnome-keyring-daemon newgidmap newuidmap ping
yes, a closer look shows a few more executables with that property, i was just being sloppy about checking.
rday
-
Andy Blanchard -
Mamoru TASAKA -
Robert P. J. Day