Ethereal-dev: Re: [ethereal-dev] Security race in ethereal leading to root access

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Gerald Combs <gerald@xxxxxxxx>
Date: Mon, 2 Aug 1999 22:04:44 -0500 (CDT)
On Sat, 31 Jul 1999, Guy Harris wrote:

> A third possibility would be to use two processes even if you're not
> using "-F" or "-S"; this means we wouldn't need two versions of the code
> for the running-capture dialog box, *and* it'd probably let us clean up
> the capture handling somewhat - we wouldn't have to have the capture
> loop handle GTK+ events, we'd just tell GTK+ to add the pipe file
> descriptor as an input descriptor, and update the display
> (running-capture dialog box and, for "-S", packet display window) when
> we got input on that descriptor (the "only update once a second" stuff
> would be done by the child process - it'd send messages up to the parent
> only when it wanted the parent to update the display).

A permanent, separate capture process also lends itself to a better
security model.  After the capture process has been forked, the parent
process doesn't necessarily need root priveleges.

> That has the disadvantage of doing context switches even if you're not
> doing a "-S" capture, though.