[Mageia-dev] [changelog] [RPM] cauldron core/release wireshark-1.8.4-2.mga3

Jani Välimaa jani.valimaa at gmail.com
Mon Dec 17 16:13:23 CET 2012


On Mon, 17 Dec 2012 09:57:13 +0000
Colin Guthrie <mageia at colin.guthr.ie> wrote:

> 'Twas brillig, and Olivier Blin at 17/12/12 09:55 did gyre and gimble:
> > wally <buildsystem-daemon at mageia.org> writes:
> > 
> >> Name        : wireshark                    Relocations: (not
> >> relocatable) Version     : 1.8.4
> >> Vendor: Mageia.Org Release     : 2.mga3
> >> Build Date: Sat Dec  1 17:48:14 2012 Install Date: (not
> >> installed)               Build Host: jonund.mageia.org
> >> Group       : Monitoring                    Source RPM: (none)
> >> Size        : 24192404                         License: GPLv2+ and
> >> GPLv3 Signature   : (none) Packager    : wally <wally>
> >> URL         : http://www.wireshark.org
> >> Summary     : Network traffic analyzer
> >> Description :
> >> Wireshark is a network traffic analyzer for Unix-ish operating
> >> systems. It is based on GTK+, a graphical user interface library,
> >> and libpcap, a packet capture and filtering library.
> >>
> >> wally <wally> 1.8.4-2.mga3:
> >> + Revision: 324195
> >> - install dumpcap setuid root as upstream suggests (to allow to
> >> start wireshark as normal user)
> >> - drop run-as-root hacks
> > 
> > Hi,
> > 
> > It seems you introduced a security flaw: now all users are able to
> > capture the network traffic.
> > 
> > This should be reverted, or restrictions should be added (maybe by
> > making consolekit add acls if possible).
> 
> Perhaps only make it only work for users in the wheel group?
> 

Ah, yes. Didn't think that much. :\

As Colin suggested we could "chgrp wheel /usr/bin/dumpcap && chmod
4750 /usr/bin/dumpcap". Or we could create wireshark group for it and
do the same.



More information about the Mageia-dev mailing list