Kismet Wireless

Kismet Forums

 

Posted by:chris99
Subject:launch Kismet with simple user
Date:10:02:39 05/02/2008

> > Hello,
> >
> >
> > If i compile the program and don't use the ubuntu packaged version, i can run the program and drop the privileges to a simple user. But i need to use "sudo kismet" from the user and not just "kismet".
>
> Read the documentation, "Suid root and security"
>
> Kismet MUST start as root. You have to decide how you get it to that point.
>
> Suid prov-dropping disabled means that whoever compiled the ubuntu package removed that option - not too unusual considering the package is meant for generic systems that might have untrusted users.
>
> -m

Thanks for your message.

I compiled the tool under ubuntu 7.04/10 and noticed the following thing:

1. *****************************

./configure
make dep
make suidinstall -> returns an error:

make -e commoninstall
make[1]: Entering directory « /home/po/Desktop/test »
mkdir -p /usr/local/etc
mkdir -p /usr/local/bin
install -o "root" -g "root" -m 755 kismet /usr/local/bin/kismet
install: cannot stat `kismet': No such file or directory
make[1]: *** [commoninstall] Error 1
make[1]: Leaving directory « /home/po/Desktop/test »
make: *** [suidinstall] Error 2

So i used only "make". and it's working.

This is the same error than a previous message:
http://www.kismetwireless.net/Forum/General/Messages/1195179737.062078

2. *******************

When i run sudo kismet from a simple user, it seems to work. Kismet indicates it dropped privileges to my simple user.

When i check the kismet processes:
ps -ef | grep kismet

root 13022 12467 0 10:58 pts/2 00:00:00 kismet
user 13023 13022 0 10:58 pts/2 00:00:00 /usr/local/bin/kismet_server --silent
root 13027 13023 0 10:58 pts/2 00:00:00 /usr/local/bin/kismet_server --silent
root 13028 13022 0 10:58 pts/2 00:00:00 /usr/local/bin/kismet_client
root 13029 13028 0 10:58 pts/2 00:00:00 /usr/local/bin/kismet_client
root 13038 13029 0 10:58 pts/2 00:00:00 /usr/local/bin/kismet_client
root 13044 13038 0 10:58 pts/2 00:00:00 /usr/local/bin/kismet_client
root 13046 12577 0 10:58 pts/3 00:00:00 grep kismet


A have only one process owned by my simple user, it is normal?
Thanks a lot for giving your opinion.

Chriss


Reply to this message