mailing list archives
Re: GSoC 2013 Project Proposal for Root permissions in wireshark
From: Guy Harris <guy () alum mit edu>
Date: Sun, 28 Apr 2013 12:02:56 -0700
On Apr 28, 2013, at 7:43 AM, Surbhi Jain <jainsurbhi024 () gmail com> wrote:
When we install WIRESHARK or most of the softwares on any distro, window prompts up asking for root password. When
the installation of the software starts, can't we run a script which will allow the logged in user or third-party
user to view the listed interfaces of the system.
That's what happens with the OS X installer; it runs a script that adds a new access_bpf group to the system, makes the
user a member of the group, and installs a StartupItem (run at boot time) to change the permissions of all the
/dev/bpf* devices to rw-rw-r-- and the group owner of them to access_bpf (and runs that script) so that anybody in the
access_bpf group can capture traffic without requiring root permissions.
For a given distribution, *if* the kernel supports capabilities, the installer for a given distribution could ensure
that dumpcap has the right capabilities set, and can also make it not readable and executable except by the owner and
some group; I think some distributions *might* do this already, but others might not.
Whether that can be done, and how that's done, depends on the distribution - and whether, if we put it into *our*
packaging for that distribution, the distribution won't just remove it, is another matter.
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe