[Bug 236819] [tcpdump] capsicum-related changes broke reading IPsec ESP decryption keys from a file
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Apr 2 15:51:49 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236819
--- Comment #4 from Ed Maste <emaste at freebsd.org> ---
(In reply to Ed Maste from comment #3)
>From the man page:
> The file is opened upon receiving the first ESP packet, so
> any special permissions that tcpdump may have been given
> should already have been given up.
Most expedient way to restore -E 'file foo' functionality is to add to the
cansandbox test in tcpdump.c and avoid sandboxing when -E file is used. Proper
fix will require a bit more consideration.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list