Wireshark · Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation patch]

Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>

Date: Tue, 14 Aug 2007 09:43:38 -0400

Gerald Combs wrote:

I've submitted a patch which implements some of the changes discussed at
http://wiki.wireshark.org/Development/PrivilegeSeparation . If no one
has any objections I'd like to check it in later this week.


Whoo-hoo!  Go Gerald!  Thanks for finishing the work on that.  :-)

(Not that I looked at the patch or tried it out yet.)

My only concern is:

- The autoconf/automake configuration now installs dumpcap and TShark setuid
  by default. A non-privileged user (default "wireshark") is also defined.

If this is the default then the release notes for the next releasebetter have a *really big* notice about that fact. (Imagine admins whoinstall Wireshark for their own use but have absolutely no intention ofletting mere mortals sniff the traffic. We don't want them to besurprised...)

Follow-Ups:
- [Wireshark-dev] problem while executing: file format not recognize
  - From: Toeung, Chanthy
- Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation patch]
  - From: Gerald Combs

References:
- [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation patch]
  - From: Gerald Combs

Prev by Date: Re: [Wireshark-dev] MIB parsing unnecessary
Next by Date: [Wireshark-dev] [PATCH] Status code for PMIPv6
Previous by thread: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation patch]
Next by thread: [Wireshark-dev] problem while executing: file format not recognize
Index(es):
- Date
- Thread