Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation

From: Thomas Anders <thomas.anders@xxxxxxxxxxxxx>
Date: Thu, 16 Aug 2007 17:02:13 +0200
Jeff Morriss wrote:
> Thomas Anders wrote:
>> Richard van der Hoff wrote:
>>> Personally, I'd much prefer a popup that I can dismiss than wireshark 
>>> meddling with my users/groups and dropping privileges.
>> Is there any good example of another *user application* dropping
>> privileges as proposed by Gerald? After all, Wireshark isn't a system
>> daemon like OpenSSH's sshd or Postfix where a dedicated "low privilege"
>> user makes perfect sense, of course.
> 
> Is there another example of a program as big as Wireshark that has to 
> (used to have to) be run as root [to do its work "live"]?  And whose 
> entire purpose is to capture stuff off (potentially malicious) networks?

I'm not questioning the motivation and I'm all for exploring any
potential solution. I'm just checking where we could learn from others.

The proper handling of ownership and permissions of saved capture files,
preferences etc. in the dedicated user scenario looks all but trivial to me.


+Thomas

-- 
Thomas Anders (thomas.anders at blue-cable.de)