Re: GSoC 2013 Project Proposal for Root permissions in wireshark

[Phil Turmel <philip () turmel org>]

On 04/24/2013 10:24 AM, Surbhi Jain wrote:
> Hi all,
>
> A normal user must have the permissions to capture and view the packet
> info. till layer 5 if that belongs to his request from server. He can be
> able to save a packet, to delete a packet, to edit a packet and sent it
> back to the server.
>
> Packet contains the info for the identification of the host ( IP address +
> Port number). I think we can use the options field of TCP header to contain
> the name of the owner of the packet in encrypted form. And this owner field
> must be checked with the current logged in user before opening the packet.
> This will ensure the security.
>
> With reference to my previous post, I think we can't openly change the
> permissions of the dumpcap .
>
> I need the discussions and help to carry forward this idea or come up with
> better ideas.

The distribution I use, gentoo, sets up a "wireshark" group.  Members of
the group may use promiscuous mode on network interfaces.

Check your distro's documentation.

Phil
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe