Hi all,
A normal user must have the permissions to capture and view the packet info. till layer 5 if that belongs to his request from server. He can be able to save a packet, to delete a packet, to edit a packet and sent it back to the server.
Packet contains the info for the identification of the host ( IP address + Port number). I think we can use the options field of TCP header to contain the name of the owner of the packet in encrypted form. And this owner field must be checked with the current logged in user before opening the packet. This will ensure the security.
With reference to my previous post, I think we can't openly change the permissions of the dumpcap .
I need the discussions and help to carry forward this idea or come up with better ideas.