Ethereal-dev: Re: [Ethereal-dev] FYI

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Thomas Steffen <steffen.list.account@xxxxxxxxx>
Date: Wed, 26 Oct 2005 19:30:58 +0200
On 10/26/05, LEGO <luis.ontanon@xxxxxxxxx> wrote:
> I believe it is preety normal that it is the largest packages to have
> the most bugs. I'm convinced that the more code you have the more
> likely it is to have a bug in it.

I agree. Ethereal is by its nature always a bit experimental, with new
protocols being added all the time.

> I do not think a buffer overflow in a KEdit's dialog would be
> considered a security threat as critical as the same bug in an
> ethereal dissector that can be invoked via IP.

Any idea how to reduce the impact? I am probably lazy, in that I
usually run Ethereal as root. Given that we have a separate capture
process already, privilege separation should not be difficult. Or is
that not considered necessary, because (at least on UNIX) you can set
the premissions on the capture device to our user?

Thomas