Please sign in to comment.
Add a script to change the permissions of /dev/bpf*, and a launchd plist
for it, for Mac OS X 10.4 and later. (The script could be useful for BPF-based systems that don't use devfs as well.) We're not installing it at this point; that might happen later.
- Loading branch information...
Showing with 38 additions and 1 deletion.
|@@ -0,0 +1,19 @@|
|+# Unfortunately, Mac OS X's devfs is based on the old FreeBSD|
|+# one, not the current one, so there's no way to configure it|
|+# to create BPF devices with particular owners or groups.|
|+# This startup item will make it owned by the admin group,|
|+# with permissions rw-rw----, so that anybody in the admin|
|+# group can use programs that capture or send raw packets.|
|+# Change this as appropriate for your site, e.g. to make|
|+# it owned by a particular user without changing the permissions,|
|+# so only that user and the super-user can capture or send raw|
|+# packets, or give it the permissions rw-r-----, so that|
|+# only the super-user can send raw packets but anybody in the|
|+# admin group can capture packets.|
|+chgrp admin /dev/bpf*|
|+chmod g+rw /dev/bpf*|
|@@ -0,0 +1,16 @@|
|+<?xml version="1.0" encoding="UTF-8"?>|
|+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">|