Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation
From: Jeff Morriss <[email protected]>
Date: Thu, 16 Aug 2007 10:51:25 -0400
Thomas Anders wrote:
Richard van der Hoff wrote:
Personally, I'd much prefer a popup that I can dismiss than wireshark meddling with my users/groups and dropping privileges.
Is there any good example of another *user application* dropping
privileges as proposed by Gerald? After all, Wireshark isn't a system
daemon like OpenSSH's sshd or Postfix where a dedicated "low privilege"
user makes perfect sense, of course.
Is there another example of a program as big as Wireshark that has to 
(used to have to) be run as root [to do its work "live"]?  And whose 
entire purpose is to capture stuff off (potentially malicious) networks?