Chat on IRC |
tcp doubt
Posted by bala_j [send private reply] at December 17, 2001, 12:43:19 PM
hi,
(1)I have a doubt in sockets! .why SOCK_RAW can only be used in root user id and why it can`t be implemented as a normal user and whats so special in userid=0(root). (2) In Linux,solaris,unix flavours why ping can`t be executed in client systems and why the root user can alone use ? please help me in improving learning the basics of tcp programming.
Posted by Psion [send private reply] at December 17, 2001, 12:55:09 PM
I'm not really an expert in this area, but I think you can do some rather abusive things, like making your packets look like they come from some other machine, if you have raw socket access. The idea would be that administrators wouldn't want their users doing this. The same sort of thing holds for the ping question; the restrictions are there to curtail abuse.
Posted by taubz [send private reply] at December 17, 2001, 04:54:51 PM
I agree. As far as what's so special about userid=0.... That's the userid that can do anything, and because of that it's special. In normal cases, you don't want all of the users of a system to be able to do *anything* to the system. Certain things like formatting the hard drive, changing key system files, etc should be restricted to only the administrator of a system. And even then, you don't want the administrator to make accidental mistakes. So, the full access to these things is restricted to the root user.
- taubz
Posted by drdevil [send private reply] at December 29, 2001, 12:16:22 PM
You can do loads of stuff with RAW sockets like as Psion said, spoofing source address etc, its generally considered unneeded for most applications.
ICMP packet creation isnt support by the kernel, so ping needs to use RAW sockets to generate the packet.
Register as a new user | ||||||