run ethereal as root

Greetings,

I compiled ethereal and it works fine.
The problem is that I must launch it as root to be able to capture packets.
Could somone explain to me how I could allow a non-root user to launch
ethereal, without providing any passwd ?

I think of sudo but I'm not sure.
any tip,url most welcome :)

thank you people.

Gabriel wrote:

> Greetings,
>
> I compiled ethereal and it works fine.
> The problem is that I must launch it as root to be able to capture
> packets. Could somone explain to me how I could allow a non-root user to
> launch ethereal, without providing any passwd ?
>
> I think of sudo but I'm not sure.
> any tip,url most welcome :)
>
> thank you people.

use sudu.. just add whatever users access to ethereal with no password in
the sudoers file.

> use sudu.. just add whatever users access to ethereal with no password in
> the sudoers file.
Yes, it was as simple as that, I wasn't sure.

thank you very much :)

Gabriel wrote:

>
>> use sudu.. just add whatever users access to ethereal with no password in
>> the sudoers file.
> Yes, it was as simple as that, I wasn't sure.
>
> thank you very much :)

yer welcome

On 2004-12-13, Gabriel <cy_rainchapeau26@yahoo.fr> wrote:

> I compiled ethereal and it works fine.
> The problem is that I must launch it as root to be able to capture packets.

It needs root privileges to access the raw ethernet device.

> Could somone explain to me how I could allow a non-root user to launch
> ethereal, without providing any passwd ?
>
> I think of sudo but I'm not sure.

Use visudo to set this up. Eg:
john starfleet = NOPASSWD:/usr/X11R6/bin/ethereal

Then when you want to run ethreal, use "sudo ethereal"

--

-John (john@os2.dhs.org)

Gabriel wrote:

> Greetings,
>
> I compiled ethereal and it works fine.
> The problem is that I must launch it as root to be able to capture
> packets. Could somone explain to me how I could allow a non-root user to
> launch ethereal, without providing any passwd ?
>
> I think of sudo but I'm not sure.
> any tip,url most welcome :)
>
> thank you people.

Or if you feel up to patching a kernel, you can run it as an unprivileged
user with just the needed capabilities modification:

http://lwn.net/Articles/80239/

Jon.

-- * Does the walker choose the path, or does the path choose the walker?
(fr. Sabriel) * --

In article <41be0b0e$0$11905$636a15ce@news.free.fr>, Gabriel wrote:
> I compiled ethereal and it works fine. The problem is that I must launch
> it as root to be able to capture packets. Could somone explain to me how
> I could allow a non-root user to launch ethereal, without providing any
> passwd ?
>
> I think of sudo but I'm not sure. any tip,url most welcome :)

Uhm...are you *sure* you want to do this? This will allow those non-root
users to overwrite any file on your system, by saving a capture over it
from ethereal.

I haven't actually tried this...but in the preferences for printing from
ethereal, you can set the program to use (default is "lpr")....so what
happens if the user changes that to something of theirs? Will that let them
run their code as root?

--
--Tim Smith

On 2004-12-19, Tim Smith <reply_in_group@mouse-potato.com> wrote:

> In article <41be0b0e$0$11905$636a15ce@news.free.fr>, Gabriel wrote:
>> I compiled ethereal and it works fine. The problem is that I must launch
>> it as root to be able to capture packets. Could somone explain to me how
>> I could allow a non-root user to launch ethereal, without providing any
>> passwd ?
>>
>> I think of sudo but I'm not sure. any tip,url most welcome :)

> Uhm...are you *sure* you want to do this? This will allow those non-root
> users to overwrite any file on your system, by saving a capture over it
> from ethereal.

How so? sudo lets you enable this on a per-user basis. If the root user
enables ethereal access for me using sudo, then I am the only one able to
run ethereal from my non-root account.

If the root user doesn't trust me to use ethereal responsibly, then this
access should not be allowed in the first place. But since I am the root
user as well as an ordinary user, I have no problem configuring sudo to
give me access to ethereal from my user account.

--

John (john@os2.dhs.org)

john@starfleet.os2.dhs.org, lun20041220@20:07:38(CET):
>
> But since I am the root user as well as an ordinary user, I have no
> problem configuring sudo to give me access to ethereal from my user
> account.

Which means that now there is another way to get root in your system. Anyone
that gets the privileges of your user has instant access to the root
account. Are you sure that all the programs you run *as user* are safe? I
prefer to capture packets using tcpdump -w and analyze the log afterwards.


--
David Serrano

On 2004-12-20, Hue-Bond <responder_solo_en_el_grupo@yahoo.es> wrote:

> john@starfleet.os2.dhs.org, lun20041220@20:07:38(CET):
>>
>> But since I am the root user as well as an ordinary user, I have no
>> problem configuring sudo to give me access to ethereal from my user
>> account.

> Which means that now there is another way to get root in your system. Anyone
> that gets the privileges of your user has instant access to the root
> account.

No; it means that they could only run ethereal with root privileges. But
first they'd have to figure out that ethereal is sudo-enabled with root
privileges, and then they'd have to figure out how they could use that to
escalate other privileges.

Sudo allows fine-tuned control over privileged access -- on a per-user and
per program basis. Just because I can run ethereal with root privileges
doesn't mean that everything can run with root privileges.

--

John (john@os2.dhs.org)