[Simh] simh and tap device under linux
Shoppa, Tim
tshoppa at wmata.com
Tue Aug 25 13:53:07 EDT 2009
Tim Newsham writes:
> A better solution would be to adjust your system to allow
> certain non-root users to get access to the sockets needed
> or patch simh to grab the socket as early as possible and
> then drop any elevated euid.
I remember these same thoughts being kicked around several years ago shortly after Ethernet support was added.
What adjustments are possible in a typical Unix/Linux system that allows pcap to work usefully yet doesn't give root access?
I know some proposed running simh inside a VM inside the real computer, with the VM having better ability to turn on network access at the per socket level and providing the security against messing up the "real" machine. But I get confused enough by simh inside a real computer, never mind the VM level.
Tim.
More information about the Simh
mailing list