Stephen Fisher wrote:
> On Mon, Aug 13, 2007 at 02:58:10PM -0700, Gerald Combs wrote:
>
>> I've submitted a patch which implements some of the changes discussed
>> at http://wiki.wireshark.org/Development/PrivilegeSeparation . If no
>> one has any objections I'd like to check it in later this week.
>
> Thanks for your effort. The code looks fine to me on a quick pass by.
>
>> - The autoconf/automake configuration now installs dumpcap and TShark
>> setuid by default. A non-privileged user (default "wireshark") is also
>> defined.
>
> I think it is best (easiest for users) to have Wireshark run as the user
> who started it instead of a special user. Compiling it to run as a new
> user called wireshark or other should be an option.

As long as Wireshark is run as a regular user, that's the case with the patch. If Wireshark is run with elevated privileges, an attempt is made to setuid to the user who called Wireshark. If that user turns out to be root, then Wireshark will setuid to the special user. It'd probably make sense to pop up a notification dialog when this happens.
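
The user-selection rule described in the reply above, as an added C example that is not part of the original message and is not Wireshark's code. `choose_drop_target`, `drop_privileges` and `SPECIAL_USER` are hypothetical names, and `setresuid`/`setresgid`/`getresuid` assume Linux or a BSD.

```c
#define _GNU_SOURCE   /* setresuid, setresgid, getresuid, setgroups */
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

#define SPECIAL_USER "wireshark"   /* assumed account name (the quoted default) */
enum drop_target { DROP_NONE, DROP_TO_CALLER, DROP_TO_SPECIAL };

/* Rule from the message: a regular user stays as-is; an elevated process goes
 * back to its caller, or to the special user when the caller is root. */
enum drop_target choose_drop_target(uid_t ruid, uid_t euid)
{
    if (ruid == euid && euid != 0)
        return DROP_NONE;
    return ruid != 0 ? DROP_TO_CALLER : DROP_TO_SPECIAL;
}

/* Returns 0 if the process ends up unprivileged, -1 otherwise (fail closed). */
int drop_privileges(void)
{
    uid_t uid = getuid(), r, e, s;
    gid_t gid = getgid();
    enum drop_target t = choose_drop_target(uid, geteuid());
    if (t == DROP_NONE)
        return 0;
    if (t == DROP_TO_SPECIAL) {
        struct passwd *pw = getpwnam(SPECIAL_USER);
        if (pw == NULL)
            return -1;                 /* no such account: do not stay root */
        uid = pw->pw_uid; gid = pw->pw_gid;
        if (setgroups(1, &gid) != 0)   /* shed root's supplementary groups */
            return -1;
    }
    /* Group IDs first, while the process is still allowed to change them. */
    if (setresgid(gid, gid, gid) != 0 || setresuid(uid, uid, uid) != 0)
        return -1;
    /* Real, effective and saved UIDs must all match the target ... */
    if (getresuid(&r, &e, &s) != 0 || r != uid || e != uid || s != uid)
        return -1;
    return (uid == 0 || setuid(0) == 0) ? -1 : 0;   /* ... and root must be gone */
}

int main(void)
{
    int rc = drop_privileges();
    printf("drop rc=%d uid=%d euid=%d\n", rc, (int)getuid(), (int)geteuid());
    return rc != 0;
}
```

A caller that gets -1 should exit rather than continue, since the process may still hold root at that point.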