[Winpcap-users] Feature request: restricting use of winpcap
Guy Harris
guy at alum.mit.edu
Mon Aug 1 18:58:00 GMT 2005
Gianluca Varenni wrote:
> As Loris explained some days ago on the mailing list
> (http://www.winpcap.org/pipermail/winpcap-users/2005-July/000202.html)
> we are definitely planning to add such feature, but it won't be
> available in the upcoming WinPcap 3.1. The idea is putting some ACLs on
> the npf devices to selectively allow/deny tx and rx through a control
> panel applet (or something similar).
...although this doesn't "define a filter string" in the sense of
allowing untrusted users only to capture with a particular filter
string, if that's what "setting some registry values to define a filter
string" refers to - you either let people capture what they want or you
don't let them capture anything.
(This is similar to what you can get on BSD systems, either by setting
the owner or permissions bits on the /dev/bpf device files or, on BSDs
that support ACLs - recent FreeBSD's do, as does OS X 10.4[.x] if you
enable ACLs on a file system - setting an ACL on those device files.)
More information about the Winpcap-users
mailing list