Not to be unnecessarily negative here, but making a program setuid that was
not specifically DESIGNED to be setuid is absolutely insane.
With the way ethereal is currently written, I don't think much thought at
all has been put into making it setuid safe - for example, just the fact
that you can save output files anywhere is pretty bad from a security
perspective.
Now, I suppose it would be possible for ethereal to immediately fork and
drop privileges in the parent, but I don't believe it does that currently.
In any case, I would strongly suggest some careful security analysis before
making it setuid. At the VERY LEAST, make it only 4750 and put it in a group
that only has userids that you would trust with root capability on your
machine.
-- Nathan
------------------------------------------------------------
Nathan Neulinger EMail: nneul@xxxxxxx
University of Missouri - Rolla Phone: (573) 341-4841
Computing Services Fax: (573) 341-4216
> -----Original Message-----
> From: Joerg Mayer [mailto:jmayer@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Thursday, February 10, 2000 11:37 AM
> To: Peter Kjellerstedt
> Cc: ethereal-dev@xxxxxxxx
> Subject: Re: [ethereal-dev] Three small patches
>
>
> On Thu, 10 Feb 2000, Peter Kjellerstedt wrote:
>
> > The second patch adds the configure option --enable-setuid-install
> > which installs ethereal and tethereal (and possibly ethereal_static)
> > setuid root. An option that at least I find very useful, though
> > definitely nothing that should be done by default ;)
>
> Hmm, so you add '--enable-setuid-install' because you don't want to
> type 'chmod +s "/usr/local/bin/*ethereal*"'. Is this a
> Windowsism?
>
> Ciao
> Jörg
> --
> Joerg Mayer eMail:
> <jmayer@xxxxxxxxxxxxx>
> Give an engineer a problem and a curious form of time
> dilation occurs /AC
>
>