diff options
author | Christian Grothoff <christian@grothoff.org> | 2010-02-06 23:23:14 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2010-02-06 23:23:14 +0000 |
commit | 8721bed1d8c889b98020870d5453e6648355b3bd (patch) | |
tree | 98dedbc4d9b19186a83bf9b6ea3f97cce5cb4d43 /src/transport/gnunet-nat-client.c | |
parent | 94229794b52dd866fe7d27ffbed20da18934087d (diff) | |
download | gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.tar.gz gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.zip |
SUID comments, review
Diffstat (limited to 'src/transport/gnunet-nat-client.c')
-rw-r--r-- | src/transport/gnunet-nat-client.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/transport/gnunet-nat-client.c b/src/transport/gnunet-nat-client.c index ba99c8816..42af5ca77 100644 --- a/src/transport/gnunet-nat-client.c +++ b/src/transport/gnunet-nat-client.c | |||
@@ -23,6 +23,21 @@ | |||
23 | * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do) | 23 | * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do) |
24 | * This code will work under GNU/Linux only. | 24 | * This code will work under GNU/Linux only. |
25 | * @author Christian Grothoff | 25 | * @author Christian Grothoff |
26 | * | ||
27 | * This program will send ONE ICMP message using RAW sockets | ||
28 | * to the IP address specified as the second argument. Since | ||
29 | * it uses RAW sockets, it must be installed SUID or run as 'root'. | ||
30 | * In order to keep the security risk of the resulting SUID binary | ||
31 | * minimal, the program ONLY opens the RAW socket with root | ||
32 | * priviledges, then drops them and only then starts to process | ||
33 | * command line arguments. The code also does not link against | ||
34 | * any shared libraries (except libc) and is strictly minimal | ||
35 | * (except for checking for errors). The following list of people | ||
36 | * have reviewed this code and considered it safe since the last | ||
37 | * modification (if you reviewed it, please have your name added | ||
38 | * to the list): | ||
39 | * | ||
40 | * - Christian Grothoff | ||
26 | */ | 41 | */ |
27 | #define _GNU_SOURCE | 42 | #define _GNU_SOURCE |
28 | #include <sys/types.h> | 43 | #include <sys/types.h> |