[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    KSniffer and the "sniff" suid
From:       Giovanni Venturi <gventuri73 () tiscali ! it>
Date:       2005-11-04 22:22:49
Message-ID: 200511042322.49512.gventuri73 () tiscali ! it
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


Hello,
I'm the KSniffer author (trunk/playground/network/ksniffer). I released 
KSniffer 0.1.1 at the end of July. In that release to sniff packets from 
network interface I used kdesu to give the GUI the root privileges because I 
used sniffing directly from the GUI by QThread with libpcap.
Now in the version in trunk (I hope to release 0.2 for Christmas) I don't need 
kdesu anymore because I wrote "sniff" application that uses suid privileges 
to be executed as root by any user. This application simply read an XML file 
produced by the GUI and than start sniffing packets writing them into a file. 
The GUI read this file and so display the packets in a KListView in the Main 
View. Can someone take a look at the code? Is it a good solution? I removed 
the kdesu use because of a GUI bad "look and feel" style... Configuring 
KSniffer "look and feel" was hard because I needed to modify root "look and 
feel", so to simplify this I hope no security issue introduced with this new 
KSniffer version. I know Waldo Bastian and some other of you follow the KDE 
security bugs. I know this is not Konqueror or KDM and it's just an 
application in playground but I hope someone can suggest me, give hints or 
take a look at the code.
I know that in case a bad formed packets arrive to the network interface the 
application crash (at least GUI) because I don't check yet if a packet is 
corrupted or not, but in next weeks this has to be done to avoid security 
problem and crashes. I know network packets hardly is corrupted but this 
feature is important.
Some developers asked me to remove kdesu so after some problem I found the 
"right" way. Any idea?
Thank you,
Giovanni

-- 
A KDE Italian translator and KSniffer core developer
Slackware GNU/Linux current version - kernel 2.6.14

[Attachment #5 (application/pgp-signature)]

>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic