by trulyrandom 656 days ago
On Linux, "net.ipv4.ping_group_range" is typically used to allow unprivileged users to do ICMP echo requests. Setting the setuid bit or granting a capability are both very old ways of doing this.
1 comments

This is new to me.

So, here's what I see on Ubuntu 24.04 LTS:

    $ sudo sysctl -a | grep net.ipv4.ping
    net.ipv4.ping_group_range = 1 0

The man page[1] states:

    ping_group_range (two integers; default: see below; since Linux 2.6.39)
    Range of the group IDs (minimum and maximum group IDs,
    inclusive) that are allowed to create ICMP Echo sockets.
    >>The default is "1 0", which means no group is allowed to
    create ICMP Echo sockets.<<

This would seem to indicate this isn't being used -- at least on Ubuntu? What am I missing?

1. https://www.man7.org/linux/man-pages/man7/icmp.7.html
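
Added example, not part of the thread: a POSIX shell check of how a `ping_group_range` value is read under the inclusive-range wording from icmp(7) quoted above, including the "1 0" default where the minimum exceeds the maximum and so no GID can match. The function name `ping_range_allows` and the sample ranges other than "1 0" are constructed for illustration, and it assumes a match on any of the GIDs reported by `id -G` is sufficient.

```shell
#!/bin/sh
# Added example: interpret net.ipv4.ping_group_range for a set of group IDs.

# ping_range_allows RANGE GID...
#   RANGE is the sysctl value as one string, e.g. "1 0" (space or tab separated).
#   Returns 0 if any GID lies inside the inclusive range,
#           1 if none does (always the case when min > max),
#           2 if RANGE is not two non-negative integers.
ping_range_allows() {
    _min=$(printf '%s\n' "$1" | awk '{print $1}')
    _max=$(printf '%s\n' "$1" | awk '{print $2}')
    shift
    case "$_min" in ''|*[!0-9]*) return 2 ;; esac
    case "$_max" in ''|*[!0-9]*) return 2 ;; esac

    # "1 0": minimum above maximum, so the range is empty and nobody matches.
    [ "$_min" -le "$_max" ] || return 1

    for _gid in "$@"; do
        if [ "$_gid" -ge "$_min" ] && [ "$_gid" -le "$_max" ]; then
            return 0
        fi
    done
    return 1
}

# Report on the live system when the sysctl is readable (Linux only).
_f=/proc/sys/net/ipv4/ping_group_range
if [ -r "$_f" ]; then
    _range=$(cat "$_f")
    # id -G prints the effective and supplementary GIDs, space separated.
    # shellcheck disable=SC2046
    if ping_range_allows "$_range" $(id -G); then
        echo "ping_group_range='$_range': one of this user's GIDs is in range"
    else
        echo "ping_group_range='$_range': none of this user's GIDs is in range"
    fi
fi
```

A result of "none in range" only describes the sysctl path; it says nothing about whether the `ping` binary on that system gets its access some other way, such as the setuid bit or a file capability mentioned in the post.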