LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 12-13-2005, 02:06 PM   #1
sjcoder
LQ Newbie
 
Registered: Dec 2005
Posts: 13

Rep: Reputation: 0
raw packet sending & receiving


I have need to open a raw socket for link layer level packet sending and receiving.

mysock= socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL);

However, man raw(7) tell me:

"Only processes with an effective user id of 0 or the CAP_NET_RAW capability are allowed to open raw sockets."

But eventually I need to run this program in user mode also. And I have to log into the su mode to create this socket. Any idea how to resolve this?

sjcoder
 
Old 12-13-2005, 08:58 PM   #2
randyding
Member
 
Registered: May 2004
Posts: 552

Rep: Reputation: 31
Possibly two ways, run the program suid so it has the proper permission no matter who starts it. Or, create a daemon running as root that does the actual raw socket work and talk to the daemon over a regular socket from your user application.
 
Old 12-14-2005, 12:27 AM   #3
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
Remember to drop privileges after getting the raw socket if you make your program setuid. Just make it the 1st thing your program does, then drop 'em.
 
Old 01-05-2006, 06:19 PM   #4
sjcoder
LQ Newbie
 
Registered: Dec 2005
Posts: 13

Original Poster
Rep: Reputation: 0
"run the program suid so it has the proper permission no matter who starts it."

To follow up the discussion here. I have tried to open the raw socket I mentioned above with a project I created from KDevelop environment . I made setuid(0) before the socket() call, setuid(0) call retuned -1. Anyone give me a hint about the right way to do it.

Running a daemon at root would be too complicated for me.

Or should I write a driver module for this raw socket communication?

All your inputs are appreciated.

sjcoder
 
Old 01-05-2006, 06:24 PM   #5
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
setuid(0) fails because you don't have the privileges. You need to set the set-uid bit on the executable: "chmod u+s /path/to/exec". Then use "setuid(getuid());" in your code to drop privileges.
 
Old 01-05-2006, 07:25 PM   #6
sjcoder
LQ Newbie
 
Registered: Dec 2005
Posts: 13

Original Poster
Rep: Reputation: 0
(1) By "chmod u+s /path/to/exec", meaning I have to do this in the command line? Is anyway to resolve this in the code?

(2) Then use "setuid(getuid());" in your code to drop privileges.
I think I need do the best to drop the previlage before exit. What is the consequnce if some exception happen that made me missing the drop call?

Thanks,

sjcoder
 
Old 01-05-2006, 07:44 PM   #7
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
Quote:
Originally Posted by sjcoder
(1) By "chmod u+s /path/to/exec", meaning I have to do this in the command line? Is anyway to resolve this in the code?
No program can get root privileges by itself. It must have been granted by root manually.

Quote:
(2) Then use "setuid(getuid());" in your code to drop privileges.
I think I need do the best to drop the previlage before exit. What is the consequnce if some exception happen that made me missing the drop call?
I guess you only need the privileges to get the raw sockets. Dropping them right after obtaining it conforms to the best security practice. Then you can safely register signal handlers and do stuff without the risk of compromise in your program. Remember to setrlimit() with RLIMIT_CORE so any core file won't contain passwords and sensitive data that is passing through your network interfaces.

Thanks,

sjcoder[/QUOTE]
 
Old 01-11-2006, 05:07 AM   #8
sjcoder
LQ Newbie
 
Registered: Dec 2005
Posts: 13

Original Poster
Rep: Reputation: 0
Want continue on this topic. After I open the raw socket as I mentioned. I set the sock to be IFF_PROMISC after socket() call. I then wrote a function to recieve the package. but I found out the recvfrom() call is really slow/stucked from time to time. Is anyone know what is the problem? I did not find the option/flag to set recvfrom() call do not wait even data is not availabe.

int receive_pkt(void *pCurBuff, size_t uiSize)
{
int iNumRecv = 0;
struct sockaddr_ll ll;
socklen_t len = sizeof(struct sockaddr_ll);
memset(&ll, 0, len);
#ifdef DEBUG_OUTPUT
printf("receive_pkt(): sock=%d\n", sock);
#endif
// Receive the User Buffer from the Source Address, Check if Error Returned
iNumRecv = recvfrom(sock, pCurBuff, uiSize, 0, (sockaddr*)&ll, &len);
......
}

sjcoder
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How To Divert Email While Receiving And Sending? kiranprashant Programming 2 09-14-2005 06:21 AM
How To Divert Email While Receiving And Sending? kiranprashant Linux - Newbie 2 09-13-2005 02:51 PM
Raw Syn Packet with Data GodSendDeath Programming 4 04-06-2004 05:53 PM
Raw Packet Data vanibhat Linux - Security 1 08-01-2003 08:42 AM
Sending And Receiving Mail Using Pine Bheki Linux - Newbie 1 01-25-2002 08:09 AM


All times are GMT -5. The time now is 03:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration