Comment 8 for bug 893828

@Stefan: I think if a system uses NAS , which would allow a user being able to capture netwok packets read files, the syste admin would not allow capturing network packets as normal users.

You can still allow normal users to capture USB packets using wireshark by setting the setuid bit on dumpcap and making this change permanent using dpkg-statoverride as suggested in README.Debian:

      Note that capturing USB packets is not enabled for non-root users by using
      Linux Capabilities. You have to capture the packets using the method
      described in I./a., setting the set-user-id permanently using
      dpkg-statoverride or running Wireshark as root.

This opens a security hole on the system as detailed above.