alt Hacker NewsWorth noting you don't actually need to be fully root in Linux to do standard pings with your code, there's a couple of different options available at the OS level without needing to modify code.
1. You can just add the capability CAP_NET_RAW to your process, at which point it can ping freely
2. There's a sysctl that allows for unprivileged ping "net.ipv4.ping_group_range" which can be used at the host level to allow different groups to use ICMP ping.
Replies
vbezhenar • today at 9:33 AM
> You can just add the capability CAP_NET_RAW to your process, at which point it can ping freely
What are consequences of this capability? Seems like restricting this to root was done for a reason?
➕ show 1 reply
option 2 is what this blog is about, the example code creates a socket using that method