<HTML> <HEAD> <TITLE>KSnuffle: Global Setup</TITLE> </HEAD> <BODY TEXT="#000000" BGCOLOR="#FFFFFF" LINK="#AA0000"> <FONT FACE="Helvetica"> <A HREF="http://www.kde.org/"><IMG SRC="logotp3.gif" ALT="The K Desktop Environment" BORDER=0 ></A> <BR> <HR noshade> <DIV ALIGN=right> <A HREF="index-5.html">Next</A> <A HREF="index-4.10.html">Previous</A> <A HREF="index.html#toc4">Table of Contents</A> </DIV> <BR> <H3> <A NAME="ss4.10"></A>4.11 Privileged User Setup </H3> <P> <B>KSnuffle</B> can be set up to allow non-root users to see some or all network traffic. Note that, to allow this, <B>KSnuffle</B> must be a SetUID-root program. Also, this page only appears if <B>KSnuffle</B> is actually being run by root. </P> <P> <A HREF="privilege.html" target="Privileged User Setup">Click for full size image</A><IMG SRC="privilege_s.png"> </P> <UL> <LI><B>Enable/Disable SetUID</B><BR> This control can be used to set and remove setuid-root from the KSnuffle executable; it also switches owner and group between root and the owner and group of the directory in which KSnuffle is installed. </LI> <LI><B>Full Access Users</B><BR> Full access users can see all data in captured packets. </LI> <LI><B>Data Hidden Users</B><BR> Users in this group can sniff network traffic, but the application data in packets is cleared to zeros. </LI> </UL> <P> In addition, a filter can be applied to any <I>Full Access</I> or <I>Data Hidden</I> user. Double-clicking a user brings up a dialog into which a <A HREF="man:tcpdump(8)">tcpdump(8)</A> style filter program can be entered. This is applied to <B>all</B> packets. Only those that pass the filter are visible to the user. </P> <P> <A HREF="index-5.html">Next</A> <A HREF="index-4.10.html">Previous</A> <A HREF="index.html#toc4">Table of Contents</A> </P> <P> <HR size="3" noshade> </P> </BODY> </HTML>