Ethereal-users: RE: [Ethereal-users] Mandrake 7.2 and Ethereal User Privliges

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "HOOD, Andy" <ahood@xxxxxxxxxxxxxx>
Date: Wed, 8 Nov 2000 08:30:37 +1100 
And I would have thought letting just anyone run a sniffer would be "a bad
thing"(tm).
You never know whose password will be on the wire.

-----Original Message-----
From:	Guy Harris [mailto:gharris@xxxxxxxxxxxx]
Sent:	Wednesday, November 08, 2000 7:30 AM
To:	John LeMay
Cc:	Palmer C Byrne; ethereal-users@xxxxxxxxxxxx
Subject:	Re: [Ethereal-users] Mandrake 7.2 and Ethereal User
Privliges

On Tue, Nov 07, 2000 at 12:54:17PM -0500, John LeMay wrote:
> chmod 4755 /*/ethereal
> chmod 4755 /*/tethereal

I seem to remember seeing, somewhere, a claim that it is not safe to
make GTK+ programs set-UID (or, at least, that GTK+ is not known to be
safe, so that there's a risk that it's not safe); I think it may have
been on one of the GTK+ mailing lists.

Ethereal is a GTK+ program.

Furthermore, we've not audited it to make sure it's safe to make
set-UID; you make it set-UID at your own risk.

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

<<application/ms-tnef>>