[Mageia-dev] [changelog] [RPM] cauldron core/release wireshark-1.8.4-2.mga3

AL13N alien at rmail.be
Mon Dec 17 23:25:42 CET 2012


Op maandag 17 december 2012 11:14:00 schreef Guillaume Rousse:
> Le 17/12/2012 10:57, Colin Guthrie a écrit :
> >>> wally <wally> 1.8.4-2.mga3:
> >>> + Revision: 324195
> >>> - install dumpcap setuid root as upstream suggests (to allow to start
> >>> wireshark as normal user) - drop run-as-root hacks
> >> 
> >> Hi,
> >> 
> >> It seems you introduced a security flaw: now all users are able to
> >> capture the network traffic.
> >> 
> >> This should be reverted, or restrictions should be added (maybe by
> >> making consolekit add acls if possible).
> > 
> > Perhaps only make it only work for users in the wheel group?
> 
> What's the added-value of pushing this kind of pre-defined user
> management policies ? That's not packaging anymore, this is sysadmin
> duty for me.

which is why imo the run-as-root hacks should be removed for something more 
KISS


More information about the Mageia-dev mailing list