Ethereal-dev: Re: [Ethereal-dev] suggestion for something to include with ethereal...

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Nathan Neulinger <nneul@xxxxxxx>
Date: Thu, 28 Dec 2000 17:02:43 -0600
Gilbert Ramirez wrote:
> 
> On Thu, 28 Dec 2000 14:18:21 -0800
> Guy Harris <gharris@xxxxxxxxxxxx> wrote:
> 
> >
> > Given that it doesn't include any dissection code, I'd be inclined
> > either to include it in libpcap or to make it a separate program from
> > tcpdump.org, if "tcpdump -w" and "tethereal -w" aren't lightweight
> > enough.
> 
> Yes, a program called "pcap" or something should be included with
> libpcap. This also helps to solve the problem of root-only
> captures on Linux (if you don't use capabilities). Pcap can be set
> setuid root and executable only by user and group, allowing the sysadmin
> to define a group that can perform packet captures. Ethereal could
> be modified to call pcap to run the capture, avoiding running
> Ethereal as root.

Oooh. I like that idea... hadn't even thought of the ability to make it
setuid. 

In fact, that would have really nice benefits - since you could
potentially replace 'pcap' with another program that generated the
appropriate output - such as via a telnet session to a router doing
packet dumps.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@xxxxxxx
University of Missouri - Rolla         Phone: (573) 341-4841
CIS - Systems Programming                Fax: (573) 341-4216