Wireshark mailing list archives
Re: GSoC 2013 Project Proposal for Root permissions in wireshark
From: Guy Harris <guy () alum mit edu>
Date: Wed, 24 Apr 2013 23:25:46 -0700
On Apr 24, 2013, at 7:24 AM, Surbhi Jain <jainsurbhi024 () gmail com> wrote:
Hi all, A normal user must have the permissions to capture and view the packet info. till layer 5 if that belongs to his request from server. He can be able to save a packet, to delete a packet, to edit a packet and sent it back to the server. Packet contains the info for the identification of the host ( IP address + Port number). I think we can use the options field of TCP header to contain the name of the owner of the packet in encrypted form.
Not if the packet isn't a TCP packet, you can't. The purpose of this project is not to safely allow privileges to capture packets to be given to anybody, without letting them capture traffic that they're somehow not "entitled" to capture; the purpose is to allow people to run Wireshark, TShark, and dumpcap to capture whatever traffic they want without having to run as root. If the computer is a personal computer on a personal network, the owner should be allowed to see any traffic that they want, and even run in promiscuous or monitor mode; if it's a "personal" computer on some organizational network (corporate/government/etc.), the organization might well want to ban sniffers entirely, even if they're not running in promiscuous or monitor mode, except on machines that belong to network administrators; if the computer is a time-shared computer or server, they might want to allow only network administrators to capture traffic. So I don't see the point of modifying the network stack to add the "owner of the packet" as a TCP option. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- GSoC 2013 Project Proposal for Root permissions in wireshark Surbhi Jain (Apr 24)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Surbhi Jain (Apr 24)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Phil Turmel (Apr 24)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Guy Harris (Apr 24)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Surbhi Jain (Apr 26)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Guy Harris (Apr 26)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Surbhi Jain (Apr 28)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Guy Harris (Apr 28)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Gerald Combs (Apr 29)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Guy Harris (Apr 29)
- Re: GSoC 2013 Project Proposal for Root permissions in wireshark Surbhi Jain (Apr 24)