Wireshark-dev: Re: [Wireshark-dev] [Fwd: [Wireshark-bugs] [Bug 1741] New: Privilege separation
From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Date: Thu, 16 Aug 2007 11:56:11 -0400
Thomas Anders wrote:
Jeff Morriss wrote:
Thomas Anders wrote:
Richard van der Hoff wrote:
Personally, I'd much prefer a popup that I can dismiss than wireshark meddling with my users/groups and dropping privileges.
Is there any good example of another *user application* dropping
privileges as proposed by Gerald? After all, Wireshark isn't a system
daemon like OpenSSH's sshd or Postfix where a dedicated "low privilege"
user makes perfect sense, of course.
Is there another example of a program as big as Wireshark that has to (used to have to) be run as root [to do its work "live"]? And whose entire purpose is to capture stuff off (potentially malicious) networks?

I'm not questioning the motivation and I'm all for exploring any
potential solution. I'm just checking where we could learn from others.

Me too, but I'm not sure we'll find an example similar to Wireshark.

Some OS config GUIs are certainly big but their whole purpose is to do stuff as root (so dropping privs is not useful).

tcpdump and commercial sniffer products probably need root access and are reading from the network, but I'm not sure tcpdump counts as "big" and I know nothing of commercial sniffers.
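The pattern being debated above (acquire the privileged capture resource, then drop root before any packet data is parsed) is straightforward to sketch. The following is an added example written for this page; it is not Wireshark, dumpcap or tcpdump code. It assumes Linux (AF_PACKET raw socket) and that, when run under sudo, the invoking user's ids are available as SUDO_UID/SUDO_GID; outside sudo it falls back to the real ids. The names drop_privileges and target_ids are this example's own.

```c
/* Added example (not Wireshark code): open the privileged capture
 * resource first, then drop root irrevocably before any packet parsing.
 * Assumes Linux (AF_PACKET) and that the target uid/gid come from the
 * invoking user via SUDO_UID/SUDO_GID when run under sudo. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#ifdef __linux__
#include <arpa/inet.h>
#include <linux/if_ether.h>
#endif

/* Drop to uid/gid permanently. Order matters: supplementary groups,
 * then primary gid, then uid, because once the uid is unprivileged the
 * group calls would be refused. Returns 0 on success, -1 on failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0) {
        /* Only root may clear the supplementary group list. */
        if (setgroups(0, NULL) != 0)
            return -1;
    }
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;

    /* Verify the drop is irrevocable: if the saved uid were still 0,
     * these calls would succeed and the drop would be cosmetic. */
    if (uid != 0) {
        if (setuid(0) == 0 || seteuid(0) == 0)
            return -1;
    }
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

/* Read the invoking user's ids from sudo's environment; fall back to
 * the real ids, which in a non-setuid process are already unprivileged. */
void target_ids(uid_t *uid, gid_t *gid)
{
    const char *u = getenv("SUDO_UID"), *g = getenv("SUDO_GID");
    *uid = u ? (uid_t)strtoul(u, NULL, 10) : getuid();
    *gid = g ? (gid_t)strtoul(g, NULL, 10) : getgid();
}

int main(void)
{
    int fd = -1;
#ifdef __linux__
    /* Step 1: acquire the resource that needs root. */
    fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd < 0)
        perror("socket(AF_PACKET)");   /* expected when not root */
#endif
    /* Step 2: drop root before touching any packet data. */
    uid_t uid;
    gid_t gid;
    target_ids(&uid, &gid);
    if (drop_privileges(uid, gid) != 0) {
        fprintf(stderr, "failed to drop privileges: %s\n", strerror(errno));
        return 1;
    }
    /* The open fd stays usable after the drop: the kernel checks
     * permissions at open time, not on every read. */
    printf("capturing as uid=%u gid=%u, fd=%d\n",
           (unsigned)getuid(), (unsigned)getgid(), fd);
    return 0;
}
```

The check after setuid() is the part worth copying: a drop that leaves the saved set-user-ID at 0 can be undone by any code that later runs in the process, which is exactly the dissector code the privilege separation is meant to contain.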