ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: [Wireshark-dev] MacOS user on installed files

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Sat, 10 Mar 2018 06:16:03 +0100
Hi List,

While digging into https://ask.wireshark.org/question/2023 I stumbled up these entries in my file system

macOS:~ jaap$ cd /Library/Application\ Support/
macOS:Application Support jaap$ ls -la
total 0
...
drwxr-xr-x   3 root  wheel   102 Jul 31  2016 Script Editor
drwxrwx---   2 root  admin    68 Jun 18  2015 SubmitDiagInfo
drwxr-xr-x   7 root  wheel   238 Nov 17 17:06 VirtualBox
drwx------   3 504   wheel   102 Nov 23  2015 Wireshark
drwx------   3 root  admin   102 Jan 25 22:48 com.apple.TCC
drwxr-xr-x   3 root  wheel   102 Jul 31  2016 iLifeMediaBrowser


macOS:Application Support jaap$ sudo ls -la Wireshark/ChmodBPF 
total 16
drwxrwxr-x  4 504  staff   136 Oct 18 16:47 .
drwx------  3 504  wheel   102 Nov 23  2015 ..
-rwxrwxr-x  1 504  staff  1431 Oct 10 20:17 ChmodBPF
-rw-rw-r--  1 504  staff   382 Oct 10 20:17 org.wireshark.ChmodBPF.plist

They question is, why the user 504 on these files? Shouldn’t those be root owned?

Is that an left over from an old installer, or is this still happening with the current?

Thanks,
Jaap
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube