Re: Running with special privileges in build dir, result of get_datafile_dir()

[Guy Harris <guy () alum mit edu>]

On Aug 31, 2011, at 11:29 AM, Anders Broman wrote:

> N.B The case I'm refereeing to is "when run from build directory" presumably the "user" is the one who built it.
> And if you call Wireshark with environment variables set hopefully you know what you are doing...

That would require a 100% safe way to determine when you're running from the build directory, with "100% safe" meaning 
"there's no way to fool Wireshark into thinking it's being run from the build directory when it's not".  
"WIRESHARK_RUN_FROM_BUILD_DIRECTORY is set" is clearly not 100% safe, as anybody can set it.  "The directory containing 
the executable image is named ".libs"" is reliable only if:

        1) that directory is *not* found by looking at argv[0], as argv[0] can be set arbitrarily by the user if they 
write their own code to run Wireshark;

        2) that directory is *not* found by dladdr() looking at argv[0] or anything else controllable by the user.

I think that may well be equivalent to "only if you're running on Mac OS X", OS X being the only UN*X I know of where 
the exec* calls pass an absolute path to the executable along with the argument list and environment (done, I think, 
for the benefit of app bundles), and I'm not even sure that's guaranteed not to be foolable by playing games with 
symbolic links.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe