forked from osmocom/wireshark
Expand the setuid text a bit.
svn path=/trunk/; revision=24485
This commit is contained in:
parent
a2b19b3603
commit
b202480fd8
8
INSTALL
8
INSTALL
|
@ -138,7 +138,13 @@ README.win32 for those instructions.
|
||||||
use this switch.
|
use this switch.
|
||||||
|
|
||||||
--enable-setuid-install
|
--enable-setuid-install
|
||||||
Use this switch to install dumpcap as setuid.
|
Wireshark and TShark rely on dumpcap for packet capture. Setting this
|
||||||
|
flag installs dumpcap with setuid root permissions, which lets any user
|
||||||
|
on the system capture live traffic. If this is not desired, you can
|
||||||
|
restrict dumpcap's permissions so that only a single user or group can
|
||||||
|
run it.
|
||||||
|
|
||||||
|
Running Wireshark or TShark as root is not recommended.
|
||||||
|
|
||||||
--without-pcap
|
--without-pcap
|
||||||
If you choose to build a packet analyzer that can analyze
|
If you choose to build a packet analyzer that can analyze
|
||||||
|
|
|
@ -46,7 +46,10 @@ interfaces: "--enable-setuid-install" and "--with-libcap". Setting
|
||||||
"--enable-setuid-install" to "yes" will install dumpcap setuid root.
|
"--enable-setuid-install" to "yes" will install dumpcap setuid root.
|
||||||
This is necessary for non-root users to be able to capture on most
|
This is necessary for non-root users to be able to capture on most
|
||||||
systems, e.g. on Linux or FreeBSD if the user doesn't have permissions
|
systems, e.g. on Linux or FreeBSD if the user doesn't have permissions
|
||||||
to access /dev/bpf*. It is disabled by default.
|
to access /dev/bpf*. It is disabled by default. Note that enabling this
|
||||||
|
allows packet capture for ALL users on your system. If this is not
|
||||||
|
desired, you should restrict dumpcap execution to a specific group or
|
||||||
|
user.
|
||||||
|
|
||||||
If the "--with-libcap" option is enabled, dumpcap will try to drop any
|
If the "--with-libcap" option is enabled, dumpcap will try to drop any
|
||||||
setuid privileges it may have while retaining the CAP_NET_ADMIN and
|
setuid privileges it may have while retaining the CAP_NET_ADMIN and
|
||||||
|
|
Loading…
Reference in New Issue