Ethereal

[Ethereal-users] Re: [Ethereal-dev] Priv sep in ethereal

Ethereal-users: February 2005


On Mon, 07 Feb 2005 13:10:42 -0800, Stephen Samuel (leave the email
alone) <samnospam@xxxxxxxxxxx> wrote:
> http://ask.slashdot.org/comments.pl?sid=138603&cid=11599438
> 
> A comment in Slashdot reminding me of why ethereal is no longer
> ported to OpenBSD, and the fact that I just upgraded my oBSD
> firewall (lamenting this exclusion), has prompted me to write
> this.
> 
> Perhaps it's time to build some firewalls into ethereal.  This
> would actually consist of two different parts:
> 
> One is privilege separation.
> The other is dissector categorization.
> 

I don't use OpenBSD, but file permissions on the bpf device *should*
allow Ethereal to capture packets as a non-root user on OpenBSD.

> Categorizing dissectors based on their security would have
> two purposes:
> 1) I propose that, by default, only the most 'secure' of
>     dissectors be enabled by default.   Users who want the
>     less secure dissectors (because they need them and/or
>     they're not in an overtly 'hostile' environment) could
>     enable the rest explicitly.


I can only think of two categories for Ethereal code... code with a
known security bug, and code with unknown security bugs. The Ethereal
community is very rapid in responding to security bugs; I don't know
of any instance where we left known security problems to linger.

So, I don't see how we could categorize dissectors into security
levels. Either they are or they aren't, and if they aren't, we fix
them right away.

--gilbert

