The K Desktop Environment

Next Previous Table of Contents

 

7. Caveats

7.1 Implementation Caveats

Please note the following points.

7.2 Setuid and Root Execution

If KSnuffle is installed normally, it will execute as whoever invokes it. If the user is not root, then it will not be able to access network interfaces. Under these circumstances, only log file replay and remote sniffing is permitted.

If KSnuffle is set to be setuid-root, then selected non-root users will be able to use the program; when KSnuffle is run by root, then the User Setup page can be used to control this.

As if KDE 2.1 (at least, as of the CVS code from mid-January 2001), the KDE libraries will detect programs that appear to be running setuid-root, and will terminate them. KSnuffle contains code to work around this restriction. However, the author accepts no responsibility for any consequences of running KNsuffle in this way.

If you do wish to use KSnuffle to sniff local network interfaces, but are not prepared either to (a) make KSnuffle setuid-root nor (b) to run it as root, then equivalent functionality can be provided by installing the remote sniffer daemon rsnuffle. However, under such circumstances, do not sniff the loopback device!

Next Previous Table of Contents