Dropping privileges prevents arping from working on Android #24

Closed
zb3 opened this issue Jun 19, 2017 · 10 comments

zb3 commented Jun 19, 2017

arping drops all privileges, but since Android uses predefined group ids to allow access to various things (enforced by the kernel), dropping all group ids causes arping to fail even though the user has access to raw sockets (inet(3003)).

Fail message:

```
arping: libnet_get_hwaddr(): socket: Permission denied
```

Note that it's not about opening raw sockets, that works fine before dropping privileges. Here's the offending syscall:

```
setgroups32(0, [])                      = 0
setgid32(65534)                         = 0
setuid32(65534)                         = 0
...
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = -1 EACCES (Permission denied)
```

Maybe it could be solved by making privilege drop optional?

zb3 changed the title from "Droping privileges prevents arping from working on Android" to "Dropping privileges prevents arping from working on Android" on Jun 19, 2017
@ThomasHabets
Owner

You're saying you need to be in a particular set of groups to allow any network access?

Hmm, yes that does sound like it calls for a flag to not drop privileges. Unless: is there a well-known group or user that can be changed to (65534 is "nobody") that still has network access?

zb3 commented Jun 19, 2017

Yes, after calling setuid, group 3003(inet) is required to open sockets, while group 3004(net_raw) is required to open raw sockets. I've tested this on Marshmallow, maybe this isn't universal.

@ThomasHabets
Owner

OK, that's what you meant.

Could you confirm that if you change https://github.com/ThomasHabets/arping/blob/arping-2.x/src/arping.c#L330 to say `drop_uid(uid, 3003)` that it works?

In that case I can add a flag that allows setting group by name.

zb3 commented Jun 19, 2017

Yes, drop_uid(uid, 3003) works in my case (setgid to 3004 works too)

@ThomasHabets
Owner

Could you try building the current state and running with `-g inet`?

Actually, maybe arping should detect that it's running in Android and do this automatically, since an extra arg on every command would be annoying.

ThomasHabets reopened this Jun 20, 2017

zb3 commented Jun 20, 2017

This works for me, but keep in mind that I am building this in a chrooted Debian environment, where there's no group named inet by default (one has to add it manually, for instance by installing the android-permissions package).

@ThomasHabets
Owner

I know very little of Android development. Do you mean android-permissions needs to be installed on the Android phone, or in the development environment?

Do you think arping -g should accept numeric group as well?

And do you know of a way to find out that the system is an Android one, or would it even be possible at compile time? (I don't know the dev environment either)

zb3 commented Jun 20, 2017

I'm not an expert here either :) But let's make one thing clear - by Android here I mean the kernel, not the OS.
android-permissions is a Debian package which simply adds groups with proper ids to the /etc/group file so we can refer to them by name. So in that case, we'd need it installed in the OS. It's Debian specific, but we can always use groupadd or simply edit the file.

If arping -g accepted numeric groups, it could make those things easier.

zb3 commented Jun 20, 2017

As for detecting Android kernels, presence of a /dev/binder file seems Android specific, but maybe there's a better way.

@ThomasHabets
Owner

Filed separate feature request for detecting android: #25
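
An added example, not arping's own code, of the two ideas discussed in this thread: dropping root while keeping exactly one group, and accepting that group either by name or as a numeric ID for systems where `/etc/group` has no `inet` entry. The names `parse_group` and `drop_to` are hypothetical; the uid 65534 is the "nobody" value from the trace above.

```c
#define _DEFAULT_SOURCE            /* for setgroups() in <grp.h> on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Resolve "inet" or "3003" to a gid; returns -1 if it is neither.
 * Numeric ids work even where /etc/group has no entry for the name. */
long long parse_group(const char *spec)
{
    struct group *gr;
    char *end;
    unsigned long n;
    if (spec == NULL || *spec == '\0')
        return -1;
    if ((gr = getgrnam(spec)) != NULL)
        return (long long)gr->gr_gid;
    if (*spec < '0' || *spec > '9')      /* strtoul would accept "-1" or " 5" */
        return -1;
    errno = 0;
    n = strtoul(spec, &end, 10);
    if (errno != 0 || *end != '\0' || n >= (gid_t)-1)  /* (gid_t)-1 is reserved */
        return -1;
    return (long long)n;
}

/* Drop to uid, keeping gid as the only group. Groups must be set while
 * still root; after setuid() the process may no longer change them. */
int drop_to(uid_t uid, gid_t gid)
{
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)      /* root must not be recoverable */
        return -1;
    return (getuid() == uid && geteuid() == uid &&
            getgid() == gid && getegid() == gid) ? 0 : -1;
}

int main(int argc, char **argv)
{
    long long gid = argc == 2 ? parse_group(argv[1]) : -1;
    if (gid < 0 || drop_to(65534, (gid_t)gid) != 0) {
        fprintf(stderr, "usage (as root): %s <group name or gid>\n", argv[0]);
        return 1;
    }
    printf("now uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```

The name lookup runs first, so a numeric string is only parsed as an ID when no group of that name exists.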
