Raw sockets need root priviliege

Why do we need root privileges 开发者_运维技巧when we use raw sockets ?

It's because you can spoof custom packets, which may interfere with inbound traffic. This too is also bad.

In short raw sockets is restricted to root because if it otherwise it would break other rules for networking that are in place.

A long standing rule is that you cannot bind on a port lower than 1024 without root's blessing. With raw sockets you can simulate a server on any port. (naturally being able to receive on this port is a different story you'd also have to sniff the network, but perhaps this could be done with a different machine.)

Opening a raw socket allows to read anything that is received in a given interface, so, basically, you can read any packet that is directed to any application - even if that application is owned by another user. That basically means that the user with this capability is able to read any and all communications of all users.