I think I'm going to use this as a case study... Yes, this is heavy flame material, but I'm in a fey mood...
So we ousted wireshark (at the time ethereal) out of the ports tree because of its lack of security. Now, we get a port that claims it's all fixed and better. >From what sthen@ says, it looks like the basis for this claim is just two posts in the wireshark cloud, saying non-privilege separation was indeed a problem, and saying 'the problem has been solved". The port is indeed a trivial port, with no development needed. And I can verify Stuart's claim just fine: no privilege separation in that port (otherwise, there would be a _wireshark user and I would see some @mode annotations in the PLIST, see, I don't even have to dig !) This is a pattern I've seen all too often: fledgling "security expert" who doesn't understand TWIT about development, and instead relies on developers' posts to understand how software works, as a kind of "arcane magic" (Plato's Cavern anyone ?) This gets tiresome... the lesson is simpler. Don't trust anyone who claims they sell "security" (heck, not even the OpenBSD project). It might be that the new wireshark is indeed correct, but until I actually look at the code, and see a port that actually *achieves* privilege separation, I see no reason to believe... It's all about freedom: the freedom to make up your own mind. Start educating yourselves, people ! you want to use dangerous tools like wireshark, don't even think about installing them without looking at the code yourself. You don't understand privilege separation ? Tough luck. What are you doing in the realm of computer security ? People, wake up. Network security was enough a few years ago. It's all about applications and secure development these days. At least if you want to matter 5 years from now...
