Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation

From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Tue, 14 Aug 2007 20:08:24 +0200
Joerg Mayer wrote:
> On Mon, Aug 13, 2007 at 02:58:10PM -0700, Gerald Combs wrote:
>> I've submitted a patch which implements some of the changes discussed at
>> http://wiki.wireshark.org/Development/PrivilegeSeparation . If no one
>> has any objections I'd like to check it in later this week.
>
> I'm afraid you lost me with this patch:
> I understand the wireshark capture model correctly, wireshark
> doesn't need root privileges even now because capturing can be done by
> dumpcap, and thus wireshark should never be installed suid root. This
> is reflected by configure.in.

Yes and no. While the capturing itself is already completely done in dumpcap, some libpcap/winpcap stuff was still called in Wireshark itself (e.g. the enumeration of capture interfaces). At least for some of the Win32 specific stuff like the interface details windows this is still the case AFAIR.

However, I don't know how far Gerald's changes are going (didn't have a look at it myself), maybe he fixed even that somehow.

> Is there a specific reason why this line
> of work isn't enforced and adapted to tshark as well?

No specific reasons, it was just my laziness when I stopped implementing the privsep things some time ago.

Regards, ULFL