From 03c8908ec6429a67c3a8f480f1002788ff155bfb Mon Sep 17 00:00:00 2001 From: Olivier Gayot Date: Wed, 20 Jun 2018 18:09:41 +0200 Subject: Stop requiring CAP_NET_ADMIN Since the following commit in the Linux kernel tree 0fdc100bdc4b ethtool: allow non-netadmin to query settings it is no longer necessary to have the CAP_NET_ADMIN capability to query a device speed using ioctl(..., SIOCETHTOOL) in conjonction with the ETHTOOL_GSET ethtool command. The mentioned commit landed first in the 2.6.37 version of the Kernel. This version is no longer maintained nowdays. Since it is not necessary anymore, it is strongly prefered from a security standpoint to drop the CAP_NET_ADMIN capability from the binary. Signed-off-by: Olivier Gayot --- src/print_eth_info.c | 1 - 1 file changed, 1 deletion(-) (limited to 'src/print_eth_info.c') diff --git a/src/print_eth_info.c b/src/print_eth_info.c index b30d2b0..996ce3b 100644 --- a/src/print_eth_info.c +++ b/src/print_eth_info.c @@ -33,7 +33,6 @@ static int print_eth_speed(char *outwalk, const char *interface) { #if defined(LINUX) - /* This code path requires root privileges */ int ethspeed = 0; struct ifreq ifr; struct ethtool_cmd ecmd; -- cgit v1.2.3