|
EtherealRE: [Ethereal-users] Mandrake 7.2 and Ethereal User Privliges |
|
||
|
|
EtherealRE: [Ethereal-users] Mandrake 7.2 and Ethereal User Privliges |
|
||
Andy, It may not be as bad as you think - how many people can actually READ a trace? Especially one with as many packets as are likely to be found in a one minute sample off a cable modem on a popular wire? On Tue, 7 Nov 2000, HOOD, Andy wrote: > And I would have thought letting just anyone run a sniffer would be "a > bad thing"(tm). > You never know whose password will be on the wire. > > -----Original Message----- > From: Guy Harris [mailto:gharris@xxxxxxxxxxxx] > Sent: Wednesday, November 08, 2000 7:30 AM > To: John LeMay > Cc: Palmer C Byrne; ethereal-users@xxxxxxxxxxxx > Subject: Re: [Ethereal-users] Mandrake 7.2 and Ethereal User > Privliges > > On Tue, Nov 07, 2000 at 12:54:17PM -0500, John LeMay wrote: > > chmod 4755 /*/ethereal > > chmod 4755 /*/tethereal > > I seem to remember seeing, somewhere, a claim that it is not safe to > make GTK+ programs set-UID (or, at least, that GTK+ is not known to be > safe, so that there's a risk that it's not safe); I think it may have > been on one of the GTK+ mailing lists. > > Ethereal is a GTK+ program. > > Furthermore, we've not audited it to make sure it's safe to make > set-UID; you make it set-UID at your own risk. > > _______________________________________________ > Ethereal-users mailing list > Ethereal-users@xxxxxxxxxxxx > http://www.ethereal.com/mailman/listinfo/ethereal-users >
Powered by MHonArc 2.6.10