Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation
From: Richard van der Hoff <[email protected]>
Date: Thu, 16 Aug 2007 11:52:13 +0100
Gerald Combs wrote:
That's exactly the problem I'm trying to solve.  Ever since the initial
release, the standard practice for capturing on Unix/Linux systems has
included the step "start Wireshark (or Ethereal) as root."  Our own
User's Guide tells you to run Wireshark as root.  There's a Wireshark
launcher for OS X that fires up X11 and runs Wireshark as root.  This
practice is wrong, and it must stop.

Just to be clear: *This patch does not run Wireshark as root*.  Just the
opposite, in fact.  If Wireshark catches you running it as root, it
drops privileges *immediately*.
Personally, I'd much prefer a popup that I can dismiss than wireshark 
meddling with my users/groups and dropping privileges.
I very much applaud the general sentiment of not having people running 
wireshark as root, however.