Wireshark · Wireshark-dev: Re: [Wireshark-dev] Security Consideration: Priviledge Separation

Wireshark-dev: Re: [Wireshark-dev] Security Consideration: Priviledge Separation

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Wed, 11 Oct 2006 11:04:18 -0700

CS Lee wrote:

So since wireshark needs root priviledge for initial launch,

...unless you're running on an OS (such as anything using BPF) where youcan grant non-root users privileges to capture packets.

maybe wecan have wireshark drop its priviledge to other user(wireshark usermaybe),


If it can drop privileges, either

1) it can't regain them, in which case once it's done one capture, itcan't do any more

or

2) it can regain them, in which case if you can inject code intoWireshark via a security vulnerability, that code can regain them.

However, Wireshark now uses dumpcap to do packet capture. If otherfunctions that require root privileges can also be done by that program,Wireshark wouldn't need privileges - only dumpcap would need them.


See

	http://wiki.wireshark.org/Development/PrivilegeSeparation

for some discussion about this.

References:
- [Wireshark-dev] Security Consideration: Priviledge Separation
  - From: CS Lee

Prev by Date: [Wireshark-dev] Security Consideration: Priviledge Separation
Next by Date: [Wireshark-dev] Wireshark Build Errors: airpcap.h, sync_pipe_write.c, #defines, and ints
Previous by thread: [Wireshark-dev] Security Consideration: Priviledge Separation
Next by thread: [Wireshark-dev] Wireshark Build Errors: airpcap.h, sync_pipe_write.c, #defines, and ints
Index(es):
- Date
- Thread