On Fri, Jun 19, 2009 at 01:56:05PM +0200, Josselin Mouette wrote:
>Le vendredi 19 juin 2009 à 12:54 +0200, Jaap Keuter a écrit :
>> > What I've noticed is that Debian (still) requires the user to run
>> > Wireshark with root credentials in order to be able to launch a
>> > network
>> > capture. Otherwise the network interfaces won't even be visible.
>> > This problem, running a massive GUI application with root
>> > credentials, was
>> > identified long ago and addressed as such. The core capture
>> > functionality
>> > was isolated in a capture child, so the rest (dissection, GUI, etc)
>> > could
>> > be run as a normal user. This only(ahem) requires the capture engine
>> > (dumpcap) to be installed setuid root.
>
>I think it’s just as bad an idea to launch dumpcap setuid root as it is
>to launch the GUI as root.
Definitely as default for the install. For many people the common case
is to use wireshark to analyze captures taken by a different tool, and
there's no reason for them to automatically have anything setuid to
support that case.
Mike Stone
--
To UNSUBSCRIBE, email to
debian-security-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact
listmaster@...
