Ethereal-dev: Re: Disector categories (Re: [Ethereal-dev] Priv sep in ethereal)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Stephen Samuel (leave the email alone)" <samnospam@xxxxxxxxxxx>
Date: Sat, 12 Feb 2005 03:17:31 -0800
Todd T. Fries wrote:
You've got to be kidding.  `Let's trust a website to not be hijacked and give
us a list of no insecure modules at runtime...'  .. best case.
Normally, I would, but -- again -- given that ethereal is sometimes used
for network investigation -- sometimes including forensic investigation,
and may want to run stealth, etc. etc. it may be pruning in a situation
where the user doesn't trust their *network*, can't use it, or simply
doesn't want to generate extra traffic in the moment.

I expect that most people will choose 'always check', but for those few
who need the other options, they'll be VERY happy having them.


And what about running it offline?

This is not about having a program disable bad pieces on its own honor.

This is about making things secure by default, and allowing worst case
scenarios of an unprivileged user which has no permissions in a chroot jail
have a look around an empty directory structure.

Ever hear of privilege separation?
It was one of my first suggestions. -- and it was already almost done.

(and yes, we do allocate users for ports packages as well).

If you dare to implement such a thing in ethereal, you might find that bsd
people are more acceptive of software that at least doesn't run
bad-track-record code as root.  Of course, this does not exclude the
need for working on issues if found to be exploitable time after time
either...

My personal $.02 ...

Something like this is what I'm hoping for.  People on the ethereal
list noted that the OpenBSD group seems to have said little,
if anything, to the ethereal group when ethereal got dropped from
the OpenBSD ports list.  Under the circumstances, I'd say that a
notable lack of communication is rather counter-productive.

--
Stephen Samuel +1(604)876-0426             samnospam@xxxxxxxxxxx
		   http://www.bcgreen.com/
   Powerful committed communication. Transformation touching
     the jewel within each person and bringing it to light.