-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dropping privileges prevents arping from working on Android #24
Comments
You're saying you need to be in a particular set of groups to allow any network access? Hmm, yes that does sound like it calls for a flag to not drop privileges. Unless: is there a well-known group or user that can be changed to (65534 is "nobody") that still has network access? |
Yes, after calling |
OK, that's what you meant. Could you confirm that if you change https://github.com/ThomasHabets/arping/blob/arping-2.x/src/arping.c#L330 to day In that case can add a flag that allows setting group by name. |
Yes, |
Could you try building current state and running with Actually, maybe |
This works for me, but keep in mind that I am building this in a chrooted Debian environment, where there's no group named |
I know very little of Android development. Do you mean Do you think And do you know of a way to find out that the system is an Android one, or would it even be possible at compile time? (I don't know the dev environment either) |
I'm not an expert here either :) But let's make one thing clear - by Android here I mean the kernel, not the OS. If |
As for detecting Android kernels, presence of a |
Filed separate feature request for detecting android: #25 |
arping
drops all privileges, but since Android uses predefined group ids to allow access to various things (enforced by the kernel), dropping all group ids causesarping
to fail even though the user has access to raw sockets (inet(3003)
).Fail message:
Note that it's not about opening raw sockets, that works fine before dropping privileges. Here's the offending syscall:
Maybe it could be solved by making privilege drop optional?
The text was updated successfully, but these errors were encountered: