-
-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an extra check for capabilities when executing the commands #98
Comments
@dastergon |
Hey @thombashi, Is there an ETA for the new release? Thanks |
@dastergon |
@dastergon |
@thombashi thanks a lot! cheers |
I'll close the issue. |
Besides the execution of the commands as a root user, you can also employ Linux capabilities and apply
CAP_NET_ADMIN
andCAP_NET_RAW
totc
andiptables
in order to use them as a regular user.In your root check , you could implement an extra check for those two capabilities and permit the execution or else raise an Exception or print an informative error. Currently, I am unable to use
tcconfig
tools due to that check and I have to modify the code and run it again.How to use capabilities
Get the capabilities of a command:
Set capabilities to a command:
The text was updated successfully, but these errors were encountered: