Wireshark-users: Re: [Wireshark-users] Re : files permissions when using dumpcap with Multiple fi

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Thu, 15 Nov 2007 09:15:18 -0800
You might try writing the files to a directory with the setuid or setgid bit(s)
set, along with the appropriate ownership.

In the next release (0.99.7), dumpcap will attempt to change the ownership of
capture files to that of the calling process.  This makes it possible to install
dumpcap setuid root and run Wireshark and TShark as a normal user, but it should
also work for your purposes.

Patrick ANAT wrote:
> Unfortunately umask is 022
> 
> This phenomenon only occurs with the "Multiple File" option
> 
> ----- Message d'origine ----
> De : Luis EG Ontanon <luis.ontanon@xxxxxxxxx>
> À : Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
> Envoyé le : Jeudi, 15 Novembre 2007, 17h15mn 37s
> Objet : Re: [Wireshark-users] files permissions when using dumpcap with
> Multiple file
> 
> man umask
> 
> On Nov 15, 2007 4:29 PM, Patrick ANAT <panat2fr@xxxxxxxx
> <mailto:panat2fr@xxxxxxxx>> wrote:
>>
>> Hello,
>>
>> I met a problem when using wireshark on Linux with "sudo".
>>
>> When using dumpcap with Multiple file (-w option), file permissions
> created
>> are:
>> owner: root
>> permission: 600
>>
>> Thus, users can't do anything with file created (can't ftp those files for
>> example)
>>
>> Any solution ?
>>
>> regards
>>
>>  ________________________________
>>  Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo!
>> Mail
>> _______________________________________________
>> Wireshark-users mailing list
>> Wireshark-users@xxxxxxxxxxxxx <mailto:Wireshark-users@xxxxxxxxxxxxx>
>> http://www.wireshark.org/mailman/listinfo/wireshark-users
>>
>>
> 
> 
> 
> -- 
> This information is top security. When you have read it, destroy yourself.
> -- Marshall McLuhan
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx <mailto:Wireshark-users@xxxxxxxxxxxxx>
> http://www.wireshark.org/mailman/listinfo/wireshark-users
> 
> 
> ------------------------------------------------------------------------
> Ne gardez plus qu'une seule adresse mail ! Copiez vos mails
> <http://www.trueswitch.com/yahoo-fr/> vers Yahoo! Mail
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users