setuid for directory doesn't work on GNU Linux System (works on FreeBSD). setgid works but if the file permission is 600, the group still can't do anything
For the second solution with version 0.99.7, there is still a problem: the ownership of the calling process of dumpcap will be "root" since wireshark is launched with "sudo wireshark". Then file will still be owned by root. Maybe a solution will be to only use "sudo" with dumpcap but not with wireshark Thanks for your answer. If anybody has another idea ? ----- Message d'origine ---- De : Gerald Combs <[EMAIL PROTECTED]> À : Community support list for Wireshark <wireshark-users@wireshark.org> Envoyé le : Jeudi, 15 Novembre 2007, 18h15mn 18s Objet : Re: [Wireshark-users] Re : files permissions when using dumpcap with Multiple file You might try writing the files to a directory with the setuid or setgid bit(s) set, along with the appropriate ownership. In the next release (0.99.7), dumpcap will attempt to change the ownership of capture files to that of the calling process. This makes it possible to install dumpcap setuid root and run Wireshark and TShark as a normal user, but it should also work for your purposes. Patrick ANAT wrote: > Unfortunately umask is 022 > > This phenomenon only occurs with the "Multiple File" option > > ----- Message d'origine ---- > De : Luis EG Ontanon <[EMAIL PROTECTED]> > À : Community support list for Wireshark <wireshark-users@wireshark.org> > Envoyé le : Jeudi, 15 Novembre 2007, 17h15mn 37s > Objet : Re: [Wireshark-users] files permissions when using dumpcap with > Multiple file > > man umask > > On Nov 15, 2007 4:29 PM, Patrick ANAT <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: >> >> Hello, >> >> I met a problem when using wireshark on Linux with "sudo". >> >> When using dumpcap with Multiple file (-w option), file permissions > created >> are: >> owner: root >> permission: 600 >> >> Thus, users can't do anything with file created (can't ftp those files for >> example) >> >> Any solution ? >> >> regards >> >> ________________________________ >> Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! >> Mail >> _______________________________________________ >> Wireshark-users mailing list >> Wireshark-users@wireshark.org <mailto:Wireshark-users@wireshark.org> >> http://www.wireshark.org/mailman/listinfo/wireshark-users >> >> > > > > -- > This information is top security. When you have read it, destroy yourself. > -- Marshall McLuhan > _______________________________________________ > Wireshark-users mailing list > Wireshark-users@wireshark.org <mailto:Wireshark-users@wireshark.org> > http://www.wireshark.org/mailman/listinfo/wireshark-users > > > ------------------------------------------------------------------------ > Ne gardez plus qu'une seule adresse mail ! Copiez vos mails > <http://www.trueswitch.com/yahoo-fr/> vers Yahoo! Mail > > > ------------------------------------------------------------------------ > > _______________________________________________ > Wireshark-users mailing list > Wireshark-users@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-users _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users _____________________________________________________________________________ Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
