Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: Re: [Wireshark-users] Wireshark sudo

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Luis Ontanon" <luis.ontanon@xxxxxxxxx>
Date: Tue, 3 Apr 2007 17:46:03 +0200

If the machine has /dev/bpf* you should chmod these to be readable and
writable by the users instead of suexecing wireshark.


On 4/3/07, jbernstein@xxxxxxx <jbernstein@xxxxxxx> wrote:

I am setting up a laptop to be used as (and only as) a network analysis machine. Wireshark is set up to be run sudo root.

The problem is that any capture files saved by Wireshark are owned by root with permission 600. After the non-root user runs wireshark (sudo), he needs to be able to copy or move the files.

I've tried changing the umask under which the script to launch wireshark runs, but that gets ignored. So maybe it is Wireshark itself (rather then the shell) setting the permissions of saved files?
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users




--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
  • References:
    • [Wireshark-users] Wireshark sudo
      • From: jbernstein
  • Prev by Date: [Wireshark-users] Wireshark sudo
  • Next by Date: Re: [Wireshark-users] wireshark questions
  • Previous by thread: [Wireshark-users] Wireshark sudo
  • Next by thread: Re: [Wireshark-users] Wireshark sudo
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation