wireshark: yet another pile of dissector flaws
wireshark: yet another pile of dissector flaws
Posted Oct 7, 2014 0:00 UTC (Tue) by pizza (subscriber, #46)In reply to: wireshark: yet another pile of dissector flaws by malor
Parent article: wireshark: yet another pile of dissector flaws
> If you're going to be releasing code that needs root to run, then you should absolutely err on the side of not including contributed code you haven't audited very carefully.
I suggest you audit your understanding; wireshark has, for a very long time now, separated the *capture* component (which requires elevated privileges for some sorts of capture operations) from the *decoding* component into separate processes.
> It's supposedly one of the first responders to security problems; there aren't that many programs where security matters more.
By all means help them out, they're always in need of help. Or are you volunteering additional work on others?