1

I'm developing a small C++ tool that makes use of libtins. To run its network sniffer with enough permissions, it is required whether to use sudo or setcap cap_net_bind_service=+ep <binaryFile>.

As my program is being called from the web server, when the user interacts with the frontend, I cannot use sudo, so I opted for the setcap solution. The problem is, setcap disables LD_LIBRARY_PATH, so the program will complain about not finding a library. How should I set the library path?

I've also seen mentions to authbind, but I don't quite understand how can I grant the program access to all ports.

dvilela
  • 1,200
  • 12
  • 29
  • 2
    Can you use `LD_RUN_PATH` or the `ld` option `-rpath` at link time? – JimD. May 14 '20 at 19:36
  • I'm using Meson build system, and if I understood it correctly, [that is not supported](https://github.com/mesonbuild/meson/issues/2567). At least I didn't find a way to make it work. I guess my options are to link statically or install to system, right? – dvilela May 15 '20 at 06:00
  • Maybe [change rpath in the executable itself](https://stackoverflow.com/questions/13769141/can-i-change-rpath-in-an-already-compiled-binary)? – JimD. May 15 '20 at 14:13

0 Answers0