[Please reply only to the list, as per the CoC.] On Wed, 24 Feb 2010 14:56:48 -0500 Jordan Metzmeier <titan8...@gmail.com> wrote:
> On Wed, Feb 24, 2010 at 2:26 PM, Celejar <cele...@gmail.com> wrote: ... > > In Debian, Wireshark should probably never be run as root, even when > > capturing packets. See the README.Debian: ... > I am familiar with the wireshark group from usage on non-Debian > systems. IIRC on gentoo I had to build wireshark with particular USE > flags so that non-root users in the wireshark group could capture > (could be mistaken here). > > I have a feeling that is not the wireshark version from stable that > you are displaying the README.Debian from. Correct. I'm running Sid. ... > Last up we have the wireshark group. This was not created by wireshark > installation. `dpkg-reconfigure wireshark-common` does not provide an > option separate installation methods. > > I am afraid these features and documentation you are referring to are > not present in Debian stable. Quite possibly. In any event, running wireshark as root is quite dangerous, IIRC, as the program has a scary history of badly written dissectors that can be manipulated by malicious packets, and I believe that at least some of the exploits have allowed arbitrary code execution. You do *not* want that happening as root. Celejar -- foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100224150611.c22cb373.cele...@gmail.com
