Wireshark-users: Re: [Wireshark-users] [patch] drop privs in dumpcap if run setuid by non-root

From: Jeff Morriss <jeff.morriss@xxxxxxxxxxx>
Date: Fri, 16 Feb 2007 13:24:07 +0800


Ulf Lamping wrote:
Guy Harris wrote:
On Feb 14, 2007, at 2:59 PM, Hank Leininger wrote:
There's no problem I see that can't be solved, but it's still a *lot* of work to be done to make it complete.

Although it's on the roadmap I don't know anyone working on this. The problem is that you can only loose on this topic - the best way you can implement it is that it's just working as before - but you can break a lot very easily.

As I only earned complains about my work on this topic (this doesn't work, that doesn't work, this doesn't work as in the last release, ...) I don't feel any motivation myself to continue working on it - there are just more interesting fields where I'll even get personal benefit from - compared to that it only works as before ...

Hmm, sorry you feel that way. I thought it was great (though I never did send an email saying that) that someone was (finally) working on it, especially after things like OpenBSD's criticisms. Those had a great effect in the form of the buildbots and fuzz testing but IIRC one of their chief complaints was that Wireshark _still_ didn't have privsep.

Anyway, I never looked at it myself (for the UNIX side) because I had the impression (apparently wrongly) that you weren't done with what you wanted to do but you just ran out of time to look at it. Oh, and of course that other reason you mention above: it's a scary task to try to accomplish without breaking everything along the way (read: I didn't think I had the time to be sure to implement it right [or if I was even smart enough]).