https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4293
--- Comment #4 from Hrishikesh Murali <fnkygy@xxxxxxxxx> 2009-12-04 04:53:42 PST ---
(In reply to comment #3)
> Eh, no. setuid root takes care of that.
> See also http://brainstorm.ubuntu.com/idea/14140/
I read the link you had given.
I tried running dumpcap as root, and then viewing the file which it saves the
capture in through wireshark. It says 'you do not have permissions to read the
file'. This is obvious as the file is created by a privileged user, and an
unprivileged user cannot view it. I tried "sudo chgrp root /usr/bin/dumpcap",
then ran dumpcap and then wireshark to view the file. But it gives the same
'permission denied' message.
Now, the bug is that wireshark does not let me execute dumpcap as i do not have
permissions to do so. So, we must modify the code such that it prompts me for
the password when I try to sniff, and hence dumpcap will be able to run, else
it can just run as unprivileged user. Is this the solution?
Or do we have to modify the code of dumpcap so as to allow only process
'wireshark' to access it's files (the capture file that is), so that wireshark
can run unprivileged and dumpcap can run privileged and still integrity of the
software is maintained??
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
