diff options
author | Bjørn Forsman <bjorn.forsman@gmail.com> | 2014-04-20 18:15:42 +0200 |
---|---|---|
committer | Bjørn Forsman <bjorn.forsman@gmail.com> | 2014-04-22 21:33:11 +0200 |
commit | 27477f1fac7e9845dad55670e178d588548ac1c1 (patch) | |
tree | 138382ee1494960c0994576b2aebb7674e97d944 /pkgs/applications/networking/sniffers/wireshark | |
parent | 7d1ddae58e465a1708967c9fee651c33819969c6 (diff) | |
download | nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.tar nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.tar.gz nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.tar.bz2 nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.tar.lz nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.tar.xz nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.tar.zst nixlib-27477f1fac7e9845dad55670e178d588548ac1c1.zip |
wireshark: build with libcap (POSIX capabilities)
This makes running wireshark (or more specifically, dumpcap) as root a bit more secure. From <wireshark-1.11.2>/doc/README.packaging: The "--with-libcap" option is only useful when dumpcap is installed setuid. If it is enabled dumpcap will try to drop any setuid privileges it may have while retaining the CAP_NET_ADMIN and CAP_NET_RAW capabilities. It is enabled by default, if the Linux capabilities library (on which it depends) is found.
Diffstat (limited to 'pkgs/applications/networking/sniffers/wireshark')
-rw-r--r-- | pkgs/applications/networking/sniffers/wireshark/default.nix | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/pkgs/applications/networking/sniffers/wireshark/default.nix b/pkgs/applications/networking/sniffers/wireshark/default.nix index 256681ec54e2..37a75e437ad3 100644 --- a/pkgs/applications/networking/sniffers/wireshark/default.nix +++ b/pkgs/applications/networking/sniffers/wireshark/default.nix @@ -1,5 +1,6 @@ { stdenv, fetchurl, pkgconfig, perl, flex, bison, libpcap, libnl, c-ares , gnutls, libgcrypt, geoip, heimdal, lua5, gtk, makeDesktopItem, python +, libcap }: let version = "1.11.2"; in @@ -14,7 +15,7 @@ stdenv.mkDerivation { buildInputs = [ bison flex perl pkgconfig libpcap lua5 heimdal libgcrypt gnutls - geoip libnl c-ares gtk python + geoip libnl c-ares gtk python libcap ]; preConfigure = '' |