Wireshark-dev: Re: [Wireshark-dev] Conditional compiles

From: Dario Lombardo <dario.lombardo.ml@xxxxxxxxx>
Date: Tue, 14 Feb 2017 15:30:36 +0100


On Tue, Feb 14, 2017 at 3:22 PM, Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> wrote:
I remember getting (infrequent) questions/requests for building Wireshark without the ability to capture.  Usually the desire seems to come from corporate IT policies which don't want people capturing corporate traffic but which need to support users' ability to analyze captures made elsewhere (test systems or maybe from customers?).

[Of course most of these requests are probably for the Windows version where you can control the ability to capture by not installing WinPCAP.]


Well... this is a capability issue. I don't think you can prevent your users from capturing by giving them an incomplete version of the software. If they have the capability to capture (aka they are root/admin), they can still capture with a binary copy of the software. If they can't install software or don't have the proper capability... they are done. I think that mixing software features and capabilities is a bit messy... but maybe there are specific scenarios I can't understand.