#2816: Wireshark security issue
--------------------+-------------------------------------------------------
Reporter: Spinal | Owner: blfs-b...@…
Type: defect | Status: new
Priority: normal | Milestone: 6.4
Component: BOOK | Version: SVN
Severity: normal | Keywords:
--------------------+-------------------------------------------------------
It could be an enhancement. But I consider this critical.
Here's some info from Gentoo's ebuild:
{{{
With version 0.99.7, all function calls that require elevated privileges
have been moved out of the GUI to dumpcap. WIRESHARK CONTAINS OVER ONE
POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.
NOTE: To run wireshark as normal user you have to add yourself into
wireshark group. This security measure ensures that only trusted
users allowed to sniff your traffic.
}}}
Here's what I propose to do...
Before the installation:
{{{
groupadd -g 91 wireshark
}}}
After the installation:
{{{
chown -v root:wireshark /usr/bin/{tshark,dumpcap} &&
chmod -v 6550 /usr/bin/{tshark,dumpcap}
}}}
And to add this note at the end of installation...
Add the users you would like to the wireshark group:
{{{
usermod -a -G wireshark <username>
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/2816>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
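
A check for the result of the steps proposed in the ticket, as an added example that is not part of the original ticket or of the BLFS book: it reports when tshark or dumpcap is not owned by root:wireshark, or when its mode lets users outside the group run or modify it. It assumes GNU coreutils `stat -c`; the function names and the `--audit` switch are made up for this example.

```shell
#!/bin/sh
# Added example: audits the layout proposed in the ticket (root:wireshark, 6550).
# Assumption: GNU coreutils `stat -c`. check_perms/audit_file are hypothetical names.

# check_perms OWNER GROUP OCTAL_MODE
# Prints one finding per line; returns 0 only when there are no findings.
check_perms() {
    owner=$1; group=$2; mode=$3; rc=0
    m=$((0$mode))    # the leading 0 makes the shell read the value as octal
    [ "$owner" = root ] || { echo "owner is $owner, expected root"; rc=1; }
    [ "$group" = wireshark ] || { echo "group is $group, expected wireshark"; rc=1; }
    # Any permission bit for "other" lets users outside the group use the helper.
    [ $((m & 0007)) -eq 0 ] || { echo "mode $mode grants access to others"; rc=1; }
    # A privileged binary that non-root users can write to can be replaced.
    [ $((m & 0022)) -eq 0 ] || { echo "mode $mode is group/other writable"; rc=1; }
    # Group members need execute; the ticket's 6550 also sets the setuid bit.
    [ $((m & 0010)) -ne 0 ] || { echo "mode $mode: group cannot execute"; rc=1; }
    [ $((m & 04000)) -ne 0 ] || { echo "mode $mode: setuid bit not set"; rc=1; }
    return $rc
}

# audit_file PATH: read owner, group and mode from disk and check them.
# Returns 0 if clean, 1 with findings printed, 2 if the file cannot be read.
audit_file() {
    info=$(stat -c '%U %G %a' -- "$1") || return 2
    # Word splitting of $info into three arguments is intended here.
    findings=$(check_perms $info) && return 0
    echo "$findings" | sed "s|^|$1: |"
    return 1
}

# Audit the two binaries named in the ticket when called with --audit.
if [ "${1:-}" = --audit ]; then
    status=0
    for f in /usr/bin/tshark /usr/bin/dumpcap; do
        audit_file "$f" || status=1
    done
    exit $status
fi
```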