Ethereal-dev: Re: [Ethereal-dev] Priv sep in ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Lars Roland <lars.roland@xxxxxxx>
Date: Tue, 08 Feb 2005 01:34:35 +0100
Mark Pizzolato schrieb:
On Monday, February 07, 2005 at 1:50 PM, Ulf Lamping wrote:

Stephen Samuel (leave the email alone) wrote:
You might have a look at the wiki page about that topic:

http://wiki.ethereal.com/Development_2fPrivilegeSeparation

You might add comments about the topic at that page.

Interestingly, I'm started to implement privilege separation of the
capturing code lately, but this requires some deep redesign of the
capturing engine code which isn't trivial to do, so don't expect any
changes on this in the very near future.


You post some interesting ideas for Window, however, they are far more complicated than needed (i.e. the model of having a separate process doing actual pcap activities and a separate non privilege display process).

Winpcap actually ONLY needs privilege to "load the NPF driver". When winpcap is installed, the NPF driver is configured to load "On Demand", which means by the first user of an application which uses winpcap. Privilege is needed to perform this load, but any unprivileged application can use winpcap after the NPF driver is initially loaded. .The act of loading the NPF driver can be done automatically at system boot time by making a simple registry change the details of which described at: http://winpcap.polito.it/misc/faq.htm#Q-18

The ethereal windows installer could probably be offer an option to enable the starting of NPF at system startup. This would completely solve privilege separation for Windows and avoid the overhead of attempting to do these things in a separate process and pass all data to a display process.

Perhaps I should have read the winpcap's faq, before diving into the API desciption of Winpcap. :) Now I have what I want. I'll see what I can do to add it to the installer.

Regards,
Lars