Ethereal-users: RE: [Ethereal-users] No more suid?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Eichert, Diana" <deicher@xxxxxxxxxx>
Date: Wed, 24 Oct 2001 11:47:24 -0600
install sudo

-----Original Message-----
From: aferen@xxxxxxxxxxxx [mailto:aferen@xxxxxxxxxxxx]
Sent: Wednesday, October 24, 2001 11:26 AM
To: John J. LeMay Jr.
Cc: ethereal-users
Subject: Re: [Ethereal-users] No more suid?



"John J. LeMay Jr." <jlemay@xxxxxxxx> writes:

> Looks like this is a gtk+ thing, but I'm no developer and I can't imagine
I'm
> the only one here that used to chmod 4755 after installing Ethereal so
that I
> could run it as a normal user.

It is a gtk+ thing.

>From the FAQ (http://www.gtk.org/faq/#AEN391)

        4.2. How do I write security sensitive/SUID/SGID programs with
        GTK+?  Is GTK+ secure? What's this GTK_MODULES security hole I
        heard about?  How do I write security sensitive/SUID/SGID
        programs with GTK+? Is GTK+ secure? What's this GTK_MODULES
        security hole I heard about? The short answer to this question
        is: Don't write SUID/SGID programs with GTK+ For a more
        thorough explanation of the GTK+ Developers position on this
        issue see http://www.gtk.org/setuid.html.

> Does anyone have a workaround simple enough for someone like me to use? I
> really don't want to su everytime I want to sniff a bit.

Use gtk+-1.2.8 which doesn't make the su check. 

> thanks!
> 
> John LeMay Jr.
> Senior Enterprise Consultant
> NJMC, LLC.
> 
> 
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users

-- 
-Andrew Feren
 Cetacean Networks, Inc.
 Portsmouth, NH


_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users