Wireshark · Ethereal-users: Re: [Ethereal-users] Problem running ethereal

Ethereal-users: Re: [Ethereal-users] Problem running ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Richard Urwin <richard@xxxxxxxxxxxxxxx>

Date: Thu, 10 Jul 2003 00:01:29 +0100

On Wednesday 09 Jul 2003 6:26 pm, you wrote:
> On Wed, Jul 09, 2003 at 06:21:06PM +0100, Richard Urwin wrote:
> > The technology is coming, but is not quite ready.
>
> It's been in the kernel for ages, I think - when *is* it going to be
> ready?

I read up on it the last time you mentioned it. It looks like there's a 
big hole in it that lets an exploit get all capability bits. It 
shouldn't be too hard to write a little program that set things up and 
then forked bash, and enabling it is only a matter of recompiling the 
kernel, but without a fix you'd be laying yourself open to the exploit.

Nothing seems to have been mentioned about it since kernel 2.2, I wonder 
if anyone is working on it. If not then is nobody interested or is 
prevaling wisdom that it is a dead-end?

-- 
Richard Urwin

Follow-Ups:
- [Ethereal-users] PPP, zonealarm
  - From: Joe Acquisto

References:
- Re: [Ethereal-users] Problem running ethereal
  - From: Liam Whalen
- Re: [Ethereal-users] Problem running ethereal
  - From: Richard Urwin
- Re: [Ethereal-users] Problem running ethereal
  - From: Guy Harris

Prev by Date: Re: [Ethereal-users] Ethereal run error
Next by Date: [Ethereal-users] PPP, zonealarm
Previous by thread: Re: [Ethereal-users] Problem running ethereal
Next by thread: [Ethereal-users] PPP, zonealarm
Index(es):
- Date
- Thread