Casper.Dik at Sun.COM wrote:
>>> Two rights profiles are added to /etc/security/exec_attr as
>>> follows:
>>>
>>> Network Management:suser:cmd:::/usr/sbin/tshark:uid=0
>>> Network Management:suser:cmd:::/usr/sbin/wireshark:uid=0
>> As we discussed today, I clearly thought we can do better than
>> this. Also since there is no backward compatibility issue,
>> the policy field should be "solaris", not "suser".
>
> Yes, this seems wrong; certainly if it allows creating output files.
>
> Solaris snoop runs as "nobody" after doing setup (open output files,
> configure snooping and filtering) and running with just the
> appropriate privileges at start seems much preferred, specifically
> as there applications are prone to stumbling over odd packets.
>
> And running GUI apps under uid 0 is a big NO-NO. They always have
> too many security bugs by virtue of their size alone.
GTK just exits on startup if it detects it's being used in a setuid app.
--
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
