Permanently grant read access to /dev/bpf*
- Thread starter guitarmy
- Start date
Assuming this is a command line packet sniffer, use sudo to run it instead.
Changing system directory permissions isn't a good idea.
Changing system directory permissions isn't a good idea.
davidbrit2
Licensed Computer Geek
To avoid using sudo every time, you can just enable the setuid bit on the application. Do this carefully though, because it means anybody who runs the program is running it with root permissions.
Okay, here's what you do: (most of it from the Terminal)
1. First, set the owner of the program to root. With the setuid bit enabled, the program is run with the permissions of the owner.
2. Set the group to admin (assuming you're an admin user). This way we can set it so only admin users have access to the program.
3. chmod 4750 programfilename
The chmod command alters the permission bits. In this case, here's what they represent.
4 - setuid bit enabled
7 - read, write, execute enabled for owner (root)
5 - read, execute enabled for group (admin)
0 - all other users have no access
This is how I usually do it for programs like tcpdump and tcpflow, and it works like a charm.
Okay, here's what you do: (most of it from the Terminal)
1. First, set the owner of the program to root. With the setuid bit enabled, the program is run with the permissions of the owner.
2. Set the group to admin (assuming you're an admin user). This way we can set it so only admin users have access to the program.
3. chmod 4750 programfilename
The chmod command alters the permission bits. In this case, here's what they represent.
4 - setuid bit enabled
7 - read, write, execute enabled for owner (root)
5 - read, execute enabled for group (admin)
0 - all other users have no access
This is how I usually do it for programs like tcpdump and tcpflow, and it works like a charm.