Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation
From: Jeff Morriss <[email protected]>
Date: Tue, 14 Aug 2007 09:43:38 -0400
Gerald Combs wrote:
I've submitted a patch which implements some of the changes discussed at
http://wiki.wireshark.org/Development/PrivilegeSeparation . If no one
has any objections I'd like to check it in later this week.
Whoo-hoo!  Go Gerald!  Thanks for finishing the work on that.  :-)

(Not that I looked at the patch or tried it out yet.)

My only concern is:

- The autoconf/automake configuration now installs dumpcap and TShark setuid
  by default. A non-privileged user (default "wireshark") is also defined.
If this is the default then the release notes for the next release 
better have a *really big* notice about that fact.  (Imagine admins who 
install Wireshark for their own use but have absolutely no intention of 
letting mere mortals sniff the traffic.  We don't want them to be 
surprised...)