On 06/02/19 09:08, Dario Lombardo wrote:
> This would mean that they'd have to build Wireshark differently from
the default way it's built, using the "package for systems that run
everything as root" option. That means a standard Debian package, built
to run on a system where you *don't* run everything as root, so that you
can leave the safety checks in place, won't be appropriate for Kali.
I was thinking to something like maintaining a list of debian derivative
that have just the root account (the version checked with lsb_release)
and run something on them during the installation phase.
> - use something else other than error() when disabling dofile()
> (something that won't generate such a disruptive dialog window for
example).
That was my first try. Something like error -> warning, but I didn't
find anything useful. Are you aware of something?
I'm not aware of anything out-of-the-box. It would probably require some
UX work in Qt to make this notification more user-friendly.
I have some doubts about the effectiveness and usefulness of this Lua
sandbox. I didn't investigate in depth but it seems enabling/disabling
the Lua runtime instead would be better, as dictated by policy (whatever
that policy is).