If we don't have libcap, relinquish special privileges just after

opening the capture device.  That somewhat fixes bug 2273, although the
second and subsequent files don't have the right group ownership,
probably because of the problem described in the comment before
relinquish_special_privs_perm().

We should also relinquish special privileges *before* trying to open the
capture pipe, so that we can't open a pipe to which the real user
doesn't have access.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24347 f5534014-38df-0310-8fa8-9805f1628bb7

diff --git a/dumpcap.c b/dumpcap.c
index 3f048d845bf43246cd661d572315843fab546745..56fe00d79941de887c31a3f517d0378b84e5b62b 100644 (file)
--- a/dumpcap.c
+++ b/dumpcap.c
@@ -82,9 +82,7 @@
 #include "epan/unicode-utils.h"
 #endif
 
-#ifdef HAVE_LIBCAP
 #include "epan/privileges.h"
-#endif
 
 #include "sync_pipe.h"
 
@@ -1077,6 +1075,10 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld,
                       open_err_str);
 #endif
 
+#ifndef HAVE_LIBCAP
+  relinquish_special_privs_perm();
+#endif
+
   if (ld->pcap_h != NULL) {
     /* we've opened "iface" as a network device */
 #ifdef _WIN32
@@ -2245,8 +2247,8 @@ main(int argc, char *argv[])
     sigaction(SIGHUP, &action, NULL);
 #endif  /* _WIN32 */
 
-#ifdef HAVE_LIBCAP
   get_credential_info();
+#ifdef HAVE_LIBCAP
   relinquish_privs_except_capture();
 #endif