(github.com)

664 points alexflint | 3 comments | 03 Feb 25 16:28 UTC | HN request time: 0.639s | source

1. concerndc1tizen ◴[03 Feb 25 22:06 UTC] No.42923928[source]▶

>>42919909 (OP) #

Which privileges are required? CAP_NET_ADMIN? Or nothing at all?

2. alexflint ◴[03 Feb 25 22:55 UTC] No.42924528[source]▶

Nothing at all!

You do need write access to /dev/net/tun. This is standard for all users for the distros that I've looked into, but it is ultimately a distro-specific thing.

replies(1): >>42930692 #

3. concerndc1tizen ◴[04 Feb 25 10:37 UTC] No.42930692[source]▶

>>42924528 #

I'm curious because in a Kubernetes environment, the privileges can be minimal, i.e. read only filesystem, running as nobody, empty filesystem, etc.

↑

Httptap: View HTTP/HTTPS requests made by any Linux program