LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-16-2005, 10:58 AM   #1
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,419

Rep: Reputation: 55
How can I run ethereal as an under privledged user?


When I run it as my under privledged user I get:
The capture session could not be initiated (socket: Operation not permitted).
Please check to make sure you have sufficient permissions, and that
you have the proper interface or pipe specified.

When I su to root and try to run it I get:
abefro@bing:~> su
Password:
bing:/home/abefro # ethereal
X11 connection rejected because of wrong authentication.
The application 'ethereal' lost its connection to the display localhost:10.0;
most likely the X server was shut down or you killed/destroyed
the application.

If it setuid root on ethereal I get:
abefro@bing:~> ethereal

(process:5299): Gtk-WARNING **: This process is currently running setuid or setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:

http://www.gtk.org/setuid.html

Refusing to initialize GTK+.

What is a helper program?

How can I get this to work?
 
Old 05-16-2005, 11:07 AM   #2
nulldevice
LQ Newbie
 
Registered: Feb 2005
Posts: 4

Rep: Reputation: 0
use sudo instead.

use visudo to edit the file and make enteries like this

Cmnd_Alias ETH = /usr/bin/ethereal
Defaults:the_user_allowed_to_run_ethereal timestamp_timeout=-1
root ALL=(ALL) ALL
the_user_allowed_to_run_ethereal ALL = NOPASSWD: ETH

then log in as the_user_allowed_to_run_ethereal and on command prompt type sudo ethereal


shuld help
 
Old 05-16-2005, 12:07 PM   #3
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,419

Original Poster
Rep: Reputation: 55
Any other ways?
 
Old 05-16-2005, 12:42 PM   #4
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
you can use RSBAC (with the the caps module) to give ethreal root priv to read the network.
 
Old 05-16-2005, 02:55 PM   #5
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,419

Original Poster
Rep: Reputation: 55
what is RSBAC?
 
Old 05-16-2005, 04:36 PM   #6
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
http://www.rsbac.org/

a framework for implementing security models in Linux (altho the "modules" can be compiled in), the caps module allows you to set what user/program gets what root privileges (by setting, you enforce that those privs are given, otherwise the default Linux model is used, you can restrict root, for example). I use it because theres no need to be root to run harmless programs like nettop, and if the program gets compromised, it only has root privileges for network, and cant delete the file system (unlike using setuid, where a compromised program has full root privileges)..

RSBAC is hard to setup (it takes some getting used to the configure programs, just remember, if you didn't set it yourself, then whatever is displayed in the config program, is the default of that program, and not the default of what RSBAC does).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I run ethereal after installing it via the RPM? abefroman Linux - Security 9 05-10-2005 09:25 AM
Is it possible to run ethereal remotely via the commandline? abefroman Linux - Security 5 05-10-2005 12:10 AM
how do I make sure that the user that is going to run the script is a root user??? nikold01 Linux - General 3 09-10-2004 08:54 AM
Capturing packets in ethereal as non-root user? maxor Linux - Software 6 08-27-2003 04:05 PM
running ethereal as a normal user tangle Linux - Software 1 02-04-2003 10:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration