Home page logo
/

wireshark logo Wireshark mailing list archives

Re: GSoC 2013 Project Proposal for Root permissions in wireshark
From: Surbhi Jain <jainsurbhi024 () gmail com>
Date: Wed, 24 Apr 2013 20:09:26 +0545

Hi all,

A normal user must have the permissions to capture and view the packet
info. till layer 5 if that belongs to his request from server. He can be
able to save a packet, to delete a packet, to edit a packet and sent it
back to the server.

Packet contains the info for the identification of the host ( IP address +
Port number). I think we can use the options field of TCP header to contain
the name of the owner of the packet in encrypted form. And this owner field
must be checked with the current logged in user before opening the packet.
This will ensure the security.

With reference to my previous post, I think we can't openly change the
permissions of the dumpcap .

I need the discussions and help to carry forward this idea or come up with
better ideas.

Surbhi Jain
3rd year , Computer Science Engineering
University School of  Information & Communication Technology
Contact Email ID - surbhijain1 () acm org


On Wed, Apr 24, 2013 at 7:36 PM, Surbhi Jain <jainsurbhi024 () gmail com>wrote:

Hi all,

I came across the project "Root permissions" in wireshark. i downloaded
wireshark on my ubuntu PC in order to capture the packets. I was unable to
select any interface as I was not logged in as root. The permissions of
file /usr/bin/dumpcap needs to be changed as 775 or 777 in order to view
the interfaces and capture the packets.

In order for a normal user to capture and view packets, the permission of
dumpcap file should implicitly be 775 or all the files must be present in
the home directory of currently logged in user. As the capturing of packets
on a system is user dependent.



Surbhi Jain
3rd year , Computer Science Engineering
University School of  Information & Communication Technology
Contact Email ID - surbhijain1 () acm org

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]