Wireshark-dev: Re: [Wireshark-dev] Lua error while running Wireshark as root (was: Re: Wireshar

From: Peter Wu <peter@xxxxxxxxxxxxx>
Date: Tue, 5 Feb 2019 23:38:04 +0100
On Tue, Feb 05, 2019 at 02:25:58PM -0800, Guy Harris wrote:
> On Feb 5, 2019, at 2:07 PM, Peter Wu <peter@xxxxxxxxxxxxx> wrote:
> 
> > The last option would permit *users* to invoke arbitrary commands as
> > root if they run Wireshark with sudo or as root user. I think that might
> > not be a bad idea after all:
> 
> 	[existing reasons elided]
> 
> - They shouldn't be running *Wireshark* as root unless they're on a
> system such as Kali where everything runs as root; if they need root
> privileges in order to capture, they should make dumpcap set-UID root.

I agree, a warning is already printed by tshark when running it as root.
No such warning is shown when starting the GUI as root though, although
it has been documented in plenty of places.

> If they're silly enough to run *Wireshark* as root when it doesn't
> need to run as root, my sympathies if they get pwned is limited.

Beautiful expression :)
-- 
Kind regards,
Peter Wu
https://lekensteyn.nl