Wireshark-dev: Re: [Wireshark-dev] Running with special privileges in build dir, result of get_

From: Anders Broman <a.broman@xxxxxxxxxxxx>
Date: Wed, 31 Aug 2011 20:29:41 +0200
Guy Harris skrev 2011-08-31 20:04:
On Aug 31, 2011, at 1:26 AM, Anders Broman wrote:

Do we need the check for special privileges in get_datafile_dir()?
At an absolute minimum, if we're running with elevated privileges, we *MUST* not allow the user to, in any way, say that the directory in which to find "system" plugins, Lua scripts, Python scripts, or any other executable code/scripts is something other than the directory in which Wireshark was installed, so that, for example, if Wireshark is installed set-UID (which it shouldn't be - only dumpcap needs the special privileges), the user can't trick it into writing code they've written.

Now, perhaps we should solve this by just having Wireshark and TShark and so on refuse to run with elevated privileges.
N.B The case I'm refereeing to is "when run from build directory" presumably the "user" is the one who built it. And if you call Wireshark with environment variables set hopefully you know what you are doing...
Regards
Anders
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list<wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe