[Mageia-dev] [changelog] [RPM] cauldron core/release wireshark-1.8.4-2.mga3
Olivier Blin
mageia at blino.org
Mon Dec 17 10:55:32 CET 2012
wally <buildsystem-daemon at mageia.org> writes:
> Name : wireshark Relocations: (not relocatable)
> Version : 1.8.4 Vendor: Mageia.Org
> Release : 2.mga3 Build Date: Sat Dec 1 17:48:14 2012
> Install Date: (not installed) Build Host: jonund.mageia.org
> Group : Monitoring Source RPM: (none)
> Size : 24192404 License: GPLv2+ and GPLv3
> Signature : (none)
> Packager : wally <wally>
> URL : http://www.wireshark.org
> Summary : Network traffic analyzer
> Description :
> Wireshark is a network traffic analyzer for Unix-ish operating systems. It is
> based on GTK+, a graphical user interface library, and libpcap, a packet
> capture and filtering library.
>
> wally <wally> 1.8.4-2.mga3:
> + Revision: 324195
> - install dumpcap setuid root as upstream suggests (to allow to start wireshark as normal user)
> - drop run-as-root hacks
Hi,
It seems you introduced a security flaw: now all users are able to
capture the network traffic.
This should be reverted, or restrictions should be added (maybe by
making consolekit add acls if possible).
--
Olivier Blin - blino
More information about the Mageia-dev
mailing list