Wireshark-bugs: [Wireshark-bugs] [Bug 4657] Wireshark runs firefox as root
Date: Thu, 8 Apr 2010 13:19:43 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4657

--- Comment #5 from Gerald Combs <gerald@xxxxxxxxxxxxx> 2010-04-08 13:19:40 PDT ---
(In reply to comment #4)
> The bit to grab packets off the net is, at least in 1.2.x or later, called
> "dumpcap", and it can be made set-UID root.  (Gerald, did we do that in 1.0?) 

Yes. You can also use filesystem capabilities on Linux to grant capture
privileges to dumpcap and tshark (if needed). A writeup can be found at
http://packetlife.net/blog/2010/mar/19/sniffing-wireshark-non-root-user/ 

If you're using consolehelper (which I think is the case on Fedora/RHEL) you
might be able to use execcap+sucap to grab the privileges as root, drop back
down to the calling user, then run Wireshark.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.