[Bug 349782] New: AUDIT-0: wireshark - setuid installation
https://bugzilla.novell.com/show_bug.cgi?id=349782 Summary: AUDIT-0: wireshark - setuid installation Product: openSUSE 11.0 Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: prusnak@novell.com QAContact: qa@suse.de Found By: --- ---8<------8<------8<------8<------8<------8<------8<------8<---
From http://anonsvn.wireshark.org/wireshark/trunk/doc/README.packaging:
In versions up to and including 0.99.6, it was necessary to run Wireshark with elevated privileges in order to be able to capture traffic. With version 0.99.7, all function calls that require elevated privileges have been moved out of the GUI to dumpcap. WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT. There are two configure-time options on non-Windows systems that affect the privileges a normal user needs to capture traffic and list interfaces: "--enable-setuid-install" and "--with-libcap". Setting "--enable-setuid-install" to "yes" will install TShark and dumpcap setuid root. This is necessary for non-root users to be able to capture on most systems, e.g. on Linux or FreeBSD if the user doesn't have permissions to access /dev/bpf*. It is disabled by default. If the "--with-libcap" option is enabled, dumpcap will try to drop any setuid privileges it may have while retaining the CAP_NET_ADMIN and CAP_NET_RAW capabilities. It is enabled by default, and requires the Linux capabilities library. Additionally, warnings are now displayed when Wireshark and TShark are run as root. ---8<------8<------8<------8<------8<------8<------8<------8<--- Should I package tshark and dumpcap as setuid or leave it as it is? (Meaning that user has to run wireshark GUI as root to be able to capture packets from interfaces). If you decide for the change, please change the permissions file accordingly (/usr/bin/{dumpcap,tshark}). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=349782
User krahmer@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c1
Sebastian Krahmer
https://bugzilla.novell.com/show_bug.cgi?id=349782
User meissner@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c2
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=349782
User prusnak@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c3
Pavol Rusnak
https://bugzilla.novell.com/show_bug.cgi?id=349782
User krahmer@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c4
--- Comment #4 from Sebastian Krahmer
https://bugzilla.novell.com/show_bug.cgi?id=349782
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c5
--- Comment #5 from Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=349782
User mmarek@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c6
--- Comment #6 from Michal Marek
https://bugzilla.novell.com/show_bug.cgi?id=349782
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c7
--- Comment #7 from Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=349782
User mmarek@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c8
--- Comment #8 from Michal Marek
https://bugzilla.novell.com/show_bug.cgi?id=349782
User mmarek@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c9
--- Comment #9 from Michal Marek
https://bugzilla.novell.com/show_bug.cgi?id=349782
User prusnak@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c10
Pavol Rusnak
https://bugzilla.novell.com/show_bug.cgi?id=349782
User casualprogrammer@yahoo.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c11
--- Comment #11 from Casual J. Programmer
https://bugzilla.novell.com/show_bug.cgi?id=349782
User prusnak@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c12
Pavol Rusnak
https://bugzilla.novell.com/show_bug.cgi?id=349782
Pavol Rusnak
https://bugzilla.novell.com/show_bug.cgi?id=349782
Thomas Biege
https://bugzilla.novell.com/show_bug.cgi?id=349782
User casualprogrammer@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=349782#c13
--- Comment #13 from Casual J. Programmer
participants (1)
-
bugzilla_noreply@novell.com