forked from osmocom/wireshark
8d7876bace
Users should not be starting Wireshark as root user (sudo or root login). If they do, then they can already execute arbitrary code via C plugins, or read and write arbitrary files. Limiting the Lua API will not really help these users to prevent breaking their system further. Therefore remove all artificial restrictions and allow users to run user-supplied scripts by default. If for whatever policy reason this flag is set to false, then only Lua dissectors from the global system directory are executed. It is their responsibility not to provide a free root shell to the user. Note that "running_superuser" will also be true if setuid root while the effective and real user is no longer root. This happens due to relinquish_special_privs_perm(). In this case, disabling the Lua API is just annoying with no benefits. Change-Id: Ie8a38e6160d861f02cbb70dcd1d90462153f4665 Link: https://www.wireshark.org/lists/wireshark-dev/201902/msg00004.html Reviewed-on: https://code.wireshark.org/review/31913 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Dario Lombardo <lomato@gmail.com> Reviewed-by: Peter Wu <peter@lekensteyn.nl> |
||
---|---|---|
.. | ||
.editorconfig | ||
CMakeLists.txt | ||
console.lua | ||
dtd_gen.lua | ||
init_wslua.c | ||
init_wslua.h | ||
lrexlib.c | ||
lrexlib.h | ||
lrexlib_algo.h | ||
lrexlib_glib.c | ||
lrexlib_glib_f.c | ||
lua_bitop.c | ||
lua_bitop.h | ||
make-init-lua.pl | ||
make-reg.pl | ||
make-taps.pl | ||
taps | ||
template-init.lua | ||
wslua.h | ||
wslua_address.c | ||
wslua_byte_array.c | ||
wslua_capture_info.c | ||
wslua_column.c | ||
wslua_dir.c | ||
wslua_dissector.c | ||
wslua_dumper.c | ||
wslua_field.c | ||
wslua_file.c | ||
wslua_file_common.c | ||
wslua_file_common.h | ||
wslua_file_handler.c | ||
wslua_frame_info.c | ||
wslua_gui.c | ||
wslua_int64.c | ||
wslua_internals.c | ||
wslua_listener.c | ||
wslua_nstime.c | ||
wslua_pinfo.c | ||
wslua_pinfo_common.h | ||
wslua_pref.c | ||
wslua_proto.c | ||
wslua_proto_expert.c | ||
wslua_proto_field.c | ||
wslua_struct.c | ||
wslua_tree.c | ||
wslua_tvb.c | ||
wslua_util.c |