Recently I’d found that ping utility on Ubuntu 20.04 and Ubuntu 21.04 works without root
permissions, suid flag, or CAP_NET_RAW capability. In the
Kernel documentation it is said
that ping uses ICMP_PROTO datagram sockets and it’s possible to allow users without root
permissions to create such sockets:
ping_group_range - 2 INTEGERS
Restrict
ICMP_PROTOdatagram sockets to users in the group range. The default is “1 0”, meaning, that nobody (not even root) may create ping sockets. Setting it to “100 100” would grant permissions to the single group. “0 4294967295” would enable it for the world, “100 4294967295” would enable it for the users, but not daemons.
I’d checked /proc/sys/net/ipv4/ping_group_range and found 0 2147483647 interval.
Also, there is a
code example
that demonstrates the use of ICMP_PROTO sockets.