Move tcpdump to /system/xbin (instead of /system/bin), and configure it to shed privileges by default (if running as root) after binding the socket needed to sniff with.

commit: ae21bd0d82ab0b179d661f0c779e633b75bb4474 [log] [tgz]
author: Dan Egnor <egnor@google.com> Fri May 15 12:43:43 2009 -0700
committer: Dan Egnor <egnor@google.com> Fri May 15 12:43:43 2009 -0700
tree: 87573d5a9625bdeb883d2364c3653785857eb7de
parent: 2949f58a438f6fd85f66a8b7ed4708042cde4b37 [diff] [blame]
diff --git a/config.h b/config.h
index 76ba53b..6cc6d75 100644
--- a/config.h
+++ b/config.h

@@ -131,7 +131,7 @@
 /* #undef HAVE_NETDNET_DNETDB_H_DNET_HTOA */
 
 /* define if should drop privileges by default */
-/* #undef WITH_USER */
+#define WITH_USER "shell"
 
 /* define if should chroot when dropping privileges */
 /* #undef WITH_CHROOT */
commit	ae21bd0d82ab0b179d661f0c779e633b75bb4474	[log] [tgz]
author	Dan Egnor <egnor@google.com>	Fri May 15 12:43:43 2009 -0700
committer	Dan Egnor <egnor@google.com>	Fri May 15 12:43:43 2009 -0700
tree	87573d5a9625bdeb883d2364c3653785857eb7de
parent	2949f58a438f6fd85f66a8b7ed4708042cde4b37 [diff] [blame]