9.10 Karmic upgrades removes Wireshark (as root)

Bug #471046 reported by Matt Burkhardt

This bug report was converted into a question: question #88240: 9.10 Karmic upgrades removes Wireshark (as root).

This bug affects 2 people
Affects Status Importance Assigned to Milestone
wireshark (Ubuntu)

Bug Description

Binary package hint: wireshark

When the upgrade from 9.04 to 9.10, the process removed Wireshark (as root) from the list of menu options and left Wireshark. I ended up having to do a little digging to recreate the right command to get Wireshark to run as root. Otherwise, it does not list any capture devices.

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

Indeed, it is no longer there is the package, so this is "expected" behavior, upgrade or otherwise...

Apparently, this was done in the Debian packaging in version 1.2.1-2:

wireshark (1.2.1-2) unstable; urgency=low

  * added option to install dumpcap with setuid root
  * removed wireshark-root.desktop to discourage running Wireshark as root
  * dropped umask patch

 -- Balint Reczey <email address hidden> Tue, 28 Jul 2009 18:30:03 +0200

This is because running Wireshark as root potentially puts you at risk, as it could compromise your computer in the event that a malicious packet was intercepted or willingly sent to the capture device.

I'm converting this to a question, in order to provide the information on how to deal with this special case.

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

This rather requires an explanation of the rationale for not running wireshark as root, as well as proposing an alternative workflow.

Changed in wireshark (Ubuntu):
status: New → Invalid
Revision history for this message
Alexandr Udovichenko (gragdanin) wrote :

it was a convenient menu... (((

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Related questions