Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation
From: Joerg Mayer <[email protected]>
Date: Wed, 15 Aug 2007 10:26:00 +0200
On Tue, Aug 14, 2007 at 03:43:07PM -0700, Gerald Combs wrote:
> > I think it is best (easiest for users) to have Wireshark run as the user
> > who started it instead of a special user.  Compiling it to run as a new
> > user called wireshark or other should be an option.
> As long as Wireshark is run as a regular user, that's the case with the
> patch.  If Wireshark is run with elevated privileges, an attempt is made
> to setuid to the user who called Wireshark. If that user turns out to be
> root, then Wireshark will setuid to the special user.  It'd probably
> make sense to pop up a notification dialog when this happens.

I still think that this stuff is the wrong approach: wireshark should
not need root privileges and if you want to make sure that the program
isn't run suid then it should check and pop up a notice that this is no
longer necessary and should not be done (and I don't really like that
approach as well, but it's way better than the proposed solution).s
Also, how do you intend to handle the case where someone starts
wireshark with sudo and then wants to read a capture file that's owned
by root and cannot be accessed with users privileges?

Joerg Mayer                                           <[email protected]>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.