net/ipv4/ping_group_range sysctl defaults
(too old to reply)
Cristian Rodríguez
2014-07-16 04:57:24 UTC
Raw Message

I suggest changing the defaults of sysctl net/ipv4/ping_group_range..
this feature is unusable because it allows no one to use ping
sockets..(no, not even root )

At least, allow root to use it by default.. but I suggest you just allow
everybody to do so..otherwise it is completely pointless as the main
purpose of this feature is to allow send/recieve ICMP ECHO messages
without special privileges...

Currently traceroute tries to make use of this feature.
"I don't know the key to success, but the key to failure is trying to
please everybody."