Wireshark-users: Re: [Wireshark-users] [patch] drop privs in dumpcap if run setuid by non-root
From: Ulf Lamping <[email protected]>
Date: Thu, 15 Feb 2007 20:47:40 +0100
Guy Harris wrote:
On Feb 14, 2007, at 2:59 PM, Hank Leininger wrote:

Hm, I'm afraid I'm too much of a wireshark n00b to know what you mean by
'capture live list'.
I think he means the list of interfaces on which you can capture.

Yes, the menu item: Capture / Interfaces ...
I didn't find anything by that name in the 0.99.5
sources.  Anyway, are these cases where you know there is some design
problem with migrating them to using dumpcap, or just cases where the
migration work isn't done yet, but is somewhere on the roadmap?
There's no inherent problem with doing that in dumpcap; there needs to  
be a way to ask dumpcap to give a list of interfaces (written to the  
standard output) in a form that Wireshark can use to generate the drop- 
down list of interfaces.
Note that this format will probably change over time, as it also needs  
to supply interface properties, and the list of interface properties  
will probably grow over time.
dumpcap is already capable of giving the list of interfaces, but it's probably still missing some of the properties (not sure - IP address comes to my mind). WS certainly won't call for that list or properties.
There's no problem I see that can't be solved, but it's still a *lot* of 
work to be done to make it complete.
Although it's on the roadmap I don't know anyone working on this. The 
problem is that you can only loose on this topic - the best way you can 
implement it is that it's just working as before - but you can break a 
lot very easily.
As I only earned complains about my work on this topic (this doesn't 
work, that doesn't work, this doesn't work as in the last release, ...) 
I don't feel any motivation myself to continue working on it - there are 
just more interesting fields where I'll even get personal benefit from - 
compared to that it only works as before ...
Regards, ULFL