Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Native Development

Reply
Developer
BGmot
Posts: 1,068
Registered: ‎11-24-2011
My Device: PlayBook
My Carrier: x

ping & traceroute permissions change 1.0 -> 2.0

Hello RIM,

could you please explain reasoning behind permissions change from

 

$ ls -l /usr/bin/ping*
-rwsr-x--x   1 root      nto           45188 Jun 27  2011 /usr/bin/ping
-rwsr-x--x   1 root      nto           58236 Jun 23  2011 /usr/bin/ping6
$ ls -l /usr/bin/trace*
-rwsr-x--x   1 root      nto           45676 Jun 23  2011 /usr/bin/traceroute
-rwsr-x--x   1 root      nto           40472 Jun 23  2011 /usr/bin/traceroute6
$ 

 

to

$ ls -l /usr/bin/ping*
-rwxr-s---   1 nobody    nto           45192 Dec 16 13:58 /usr/bin/ping
-rwxr-s---   1 nobody    nto           58236 Dec 16 13:58 /usr/bin/ping6
$ ls -l /usr/bin/trace*
-rwxr-s---   1 nobody    nto           45676 Dec 16 13:58 /usr/bin/traceroute
-rwxr-s---   1 nobody    nto           40472 Dec 16 13:58 /usr/bin/traceroute6
$

 

 Now I can't use these nice harmless utilites ant it's not good -(

Thanks.

Please use plain text.
BlackBerry Development Advisor
smcveigh
Posts: 660
Registered: ‎11-29-2011
My Device: developer
My Carrier: other

Re: ping & traceroute permissions change 1.0 -> 2.0

While this is not an answer to your question, I just wanted to point out that ping, traceroute, and some other tools are available from the "Wi-Fi Status" page on your device.  Gears->Wi-Fi->"? button" in the lower-left of the screen->"diagnostic information" pulldown.

 

Cheers,

Sean

Please use plain text.
BlackBerry Development Advisor
smcveigh
Posts: 660
Registered: ‎11-29-2011
My Device: developer
My Carrier: other

Re: ping & traceroute permissions change 1.0 -> 2.0

Setuid or setgid binaries are frowned upon.  A potential exploitable surface which could yield :nto group if someone were to come up with a vulnerability in either utility.  You'll note that they clamped it down from root-setuid to group :nto-setgid in this release.  Probably just more of the ongoing security review process.

 

Cheers,

Sean

Please use plain text.