-   Linux - Software (
-   -   possible to run iftop as non-root? (

drokmed 11-15-2006 03:36 PM

possible to run iftop as non-root?
I'd like to run iftop without su. Is it possible?

If not, can I create a non-root login that only displays iftop, and logs out when exiting?

I need to give our general manager access to iftop (or equivalent if theres something better), so he can see who's killing the network bandwidth without bugging me.

unSpawn 11-15-2006 08:33 PM

If it's a no login thing then maybe you could make it output to another tty say 11 or 12. Else if it's a local no-password login then you could run a wrapper shell that runs iftop and exits if iftop stops. If it's a remote login then you should set the authorized_key entry to only run a sudo command and set a NOPASSWD sudo entry. If iftop can run a subshell (can vaguely remember trying it ages ago so I can't remember) run it through "noexec" or equivalent. If just a single shot picture is needed you could skip the login present output in a CGI webpage? Under no circumstances should you chmod the binary setuid if it's not meant to run that way (and even if).
Just some thoughts.

drokmed 11-16-2006 09:38 AM


I decided to give him a shell account, and went with the sudo option. Works great!

Thanks! :)

ALInux 01-18-2010 10:25 AM

This is an old thread. However when you give sudo on iftop, the user can execute ! in iftop and this allows him to execute root commands from whitin iftop.

All times are GMT -5. The time now is 03:34 PM.