undefined | Better HN

0 pointsyborg10y ago0 comments

I also can't access loopback on 10.11.3, I get this exact error. And I'm running as an Administrator account.

0 comments

msbarnett10y ago

Yeah, it's that they installed Wireshark, and gave it privileges to chown the loopback interfaces.

edit: Irony here is that Wireshark is doing something far more dangerous than 1password.

jlgaddis10y ago

It's either a) change the group on the /dev/bpf entries and add your user to that group or b) run Wireshark as root.

msbarnett10y ago

b) would in general be a lot safer, in that you're elevating one process rather than lowering a privileged interface so that every process you run can sniff it.

1 more reply

lttlrck10y ago

On Linux you can give an executable admin access to network devices with setcap which narrows it down further. Is the same possible on OS X?

Edit. Actually this is worse than running as root isn't it!

1 more reply

j / k navigate · click thread line to collapse

0 comments

msbarnett10y ago

Yeah, it's that they installed Wireshark, and gave it privileges to chown the loopback interfaces.

edit: Irony here is that Wireshark is doing something far more dangerous than 1password.

jlgaddis10y ago

It's either a) change the group on the /dev/bpf entries and add your user to that group or b) run Wireshark as root.

msbarnett10y ago

b) would in general be a lot safer, in that you're elevating one process rather than lowering a privileged interface so that every process you run can sniff it.

1 more reply

lttlrck10y ago

On Linux you can give an executable admin access to network devices with setcap which narrows it down further. Is the same possible on OS X?

Edit. Actually this is worse than running as root isn't it!

1 more reply

j / k navigate · click thread line to collapse