Ethereal-dev: Re: [ethereal-dev] Security race in ethereal leading to root access

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Gilbert Ramirez <gram@xxxxxxxxxx>
Date: Fri, 30 Jul 1999 13:31:41 -0500
On Fri, Jul 30, 1999 at 01:12:55PM -0500, Guy Harris wrote:
> 
> 
> Long term, I'd like to turn "wiretap" into a complete replacement for
> "libpcap", so that
> 
>         1) we aren't restricted to changes the LBL people approve of
> 
> and
> 
>         2) we can have a somewhat faster development cycle than they
>            appear to have.

These are two very good reasons to continue development of wiretap. We
could jump-start the development of wiretap capture filters by changing
wiretap to the BSD license, then use a lot of the filter code used
in libpcap. I'm not worried about providing one tarball with two distinct
sections of code that have difference licenses. Ssh does this with zlib.
But of course, neither ssh nor zlib are GPLed.
 
> In this particular case, I'd be inclined to switch to using "wiretap" to
> write out the capture file, adding the ability to do that to "wiretap",
> and have "wiretap"s API include a "wtap_dump_fdopen()" call or something
> such as that, which takes a file descriptor rather than a file name.

Yes. But we'd need to include some capture filter facility in wiretap.

--gilbert