Wireshark · Ethereal-dev: Re: [Ethereal-dev] Ethereal patch: limit capability set under Linux

Ethereal-dev: Re: [Ethereal-dev] Ethereal patch: limit capability set under Linux

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ulf Lamping <ulf.lamping@xxxxxx>

Date: Tue, 14 Jun 2005 00:20:22 +0200

Greg Morris wrote:

> List,
>  
> The email below is a suggested patch to (t)ethereal. "This patch drops
> the (t)ethereal process's privileges at startup to the minimum
> required (the capability to sniff network interfaces) in order to
> limit the potential impact of security issues". When you start
> (t)ethereal as root, the process has access to many capabilities (e.g.
> read any file) which it doesn't need. This patch drops all unneeded
> privileges. Please comment and check-in if viable.
>  

Hi Greg!

As I like to see someone "to take a heart" to start getting things done
on this topic, I have some doubts about your approach (or maybe I just
don't understand it). Unfortunately the comments you've added are quite
few, so understanding was difficult as I don't know the cap_ stuff,
sorry :-(

Could you explain a bit what this is intended to do? AFAIK this is
intended to lower privileges of the running task. But which privileges
are affected and in which way?

BTW: I'll guess this won't work on Win32 and probably other platforms
not supporting the cap_ functions?!?

Regards, ULFL

References:
- [Ethereal-dev] Ethereal patch: limit capability set under Linux
  - From: Greg Morris

Prev by Date: Re: [Ethereal-dev] making DocBook docs, JAVA out of memory
Next by Date: Re: [Ethereal-dev] docbook/catalog.xml for Debian
Previous by thread: [Ethereal-dev] Ethereal patch: limit capability set under Linux
Next by thread: [Ethereal-dev] making DocBook docs, JAVA out of memory
Index(es):
- Date
- Thread