Ethereal-dev: Re: [Ethereal-dev] Priv sep in ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Mon, 07 Feb 2005 22:50:30 +0100
Stephen Samuel (leave the email alone) wrote:

http://ask.slashdot.org/comments.pl?sid=138603&cid=11599438

First of all, I remember discussions in the Ethereal developer list about that we were dropped from OpenBSD and noted only by a third party about it, which wasn't a nice way in my eyes. We should talk with (not about) each other.

I'm not using OpenBSD nor I'm planning to do so, and the way the OpenBSD team treated us (just look at that mailing list), I'm personally not really interested to do any work (in my free time) to get back into their distro, I'm sorry to say that.

However, adding privilege separation is a reasonable thing for Ethereal in my eyes anyway.


A comment in Slashdot reminding me of why ethereal is no longer
ported to OpenBSD, and the fact that I just upgraded my oBSD
firewall (lamenting this exclusion), has prompted me to write
this.

Perhaps it's time to build some firewalls into ethereal.  This
would actually consist of two different parts:

You might have a look at the wiki page about that topic:

http://wiki.ethereal.com/Development_2fPrivilegeSeparation

You might add comments about the topic at that page.

Interestingly, I'm started to implement privilege separation of the capturing code lately, but this requires some deep redesign of the capturing engine code which isn't trivial to do, so don't expect any changes on this in the very near future.

I don't know too much about the dissector code, so I cannot say a lot about this.

Regards, ULFL