Wireshark-users: Re: [Wireshark-users] Wireshark sudo
From: "Luis Ontanon" <[email protected]>
Date: Tue, 3 Apr 2007 17:46:03 +0200
If the machine has /dev/bpf* you should chmod these to be readable and
writable by the users instead of suexecing wireshark.

On 4/3/07, [email protected] <[email protected]> wrote:
I am setting up a laptop to be used as (and only as) a network analysis machine. Wireshark is set up to be run sudo root.

The problem is that any capture files saved by Wireshark are owned by root with permission 600. After the non-root user runs wireshark (sudo), he needs to be able to copy or move the files.

I've tried changing the umask under which the script to launch wireshark runs, but that gets ignored. So maybe it is Wireshark itself (rather then the shell) setting the permissions of saved files?
Wireshark-users mailing list
[email protected]

This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan