Gerald Combs wrote:
That's exactly the problem I'm trying to solve. Ever since the initial
release, the standard practice for capturing on Unix/Linux systems has
included the step "start Wireshark (or Ethereal) as root." Our own
User's Guide tells you to run Wireshark as root. There's a Wireshark
launcher for OS X that fires up X11 and runs Wireshark as root. This
practice is wrong, and it must stop.
Just to be clear: *This patch does not run Wireshark as root*. Just the
opposite, in fact. If Wireshark catches you running it as root, it
drops privileges *immediately*.
Personally, I'd much prefer a popup that I can dismiss than wireshark
meddling with my users/groups and dropping privileges.
I very much applaud the general sentiment of not having people running
wireshark as root, however.