Luis EG Ontanon wrote: > Wireshark won't load plugins not owned by root if running as root. > That is to avoid someone writing a plugin that (e.g.) executes a shell > with root priviledges in a system where wireshark is allowed by sudo. > > # chown root your_plugin > > By the way WS as of 1.0 does not require to be run as root anymore, it > runs setuid and drops privileges ASAP.
Wireshark 1.0 doesn't run as set-UID, but it also doesn't itself do packet capture, so it doesn't have to; TShark 1.0 doesn't run as root, either. Instead, they run dumpcap to do the low-level packet capturing; dumpcap can be installed as set-UID root, if that's required in order to capture packets, and relinquishes its privileges as soon as it can. _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
