APT whitelist request for tcpdump

[BanzaiMan]

This replaces travis-ci/travis-ci#4338.

The original text by @mcr follows

---

need tcpdump to do comparisons on packets emitted by code in test harness.

[BanzaiMan]

Ran tests and found setuid bits by purely textual search. Further analysis is required.

If these are found to be benign, add:

tcpdump

See https://travis-ci.org/travis-ci/apt-whitelist-checker/builds/72545564.

[mcr]

sigh, distros strike again, tcpdump.org does not recommend setuid on tcpdump, but rather to use capabilities, or just sudo.

[mcr]

I read the test scan: yes, tcpdump is careful to give up setuid/setgid bits, if the installer wants to install it that way, but it isn't installed setuid by default by the package... (I am also maintainer of tcpdump and libpcap)

[remyleone]

@BanzaiMan Any updates on this? tcpdump would be useful to test https://github.com/secdev/scapy @p-l-

[travisbot]

This is an automated comment.

Ran tests and found setuid bits by purely textual search. Further analysis is required.

If these are found to be benign, examine http://github.com/travis-ci/apt-package-whitelist/compare/test-apt-package-whitelist-405 and its PR.

Packages found: tcpdump

See https://travis-ci.org/travis-ci/apt-whitelist-checker/builds/440490090 for details.

[mcr]

Again, tcpdump has support for setuid, and one some platforms it is installed in this way so that group permissions can be used to enable un-privileged capture (via group membership), on Ubuntu, this is not done.

I look at the referenced ticket and URLs, and I can't find tcpdump in the list. The process is really tedious, long and ultimately has be looking for another CI platform.

[BanzaiMan]

We will be moving away from EC2. For the long-term, I advise that you use sudo: required, where you can install tcpdump.