https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13096
--- Comment #1 from Guy Harris <g...@alum.mit.edu> --- (In reply to myrs2m9quk from comment #0) > As noted in #11659, Wireshark can be "tricked" into allowing captures on > these interfaces by manually starting a tcpdump, By manually starting a tcpdump *as root*. That's the problem - they need to be constructed by code running as root in order to capture on them, and the program Wireshark uses to capture traffic, dumpcap, isn't run as root. We could build dumpcap to be set-UID, which we do on some other platforms; that would also obviate the need for the ChmodBPF launchd job. (That's not an ideal solution, as it means a bunch of code is running as root that doesn't really need to run as root, even though dumpcap gives up its privileges as soon as it can. The *ideal* solution would be to have libpcap run a subprogram to open devices, and have that subprogram do whatever stuff needs special privileges and, for example, hand a file descriptor to libpcap to use when capturing. That's a work in progress, but it's early in the design stage.) -- You are receiving this mail because: You are watching all bug changes.
___________________________________________________________________________ Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
