Ask Your Question
0

Operation not permitted on Mac when Wireshark downloaded with SigmaOS browser

asked 2022-08-29 22:12:19 +0000

Riesartman gravatar image

updated 2022-08-30 18:43:27 +0000

Guy Harris gravatar image

Hello,

I’ve downloaded the last stable version of Wireshark, but impossible to launch it. When I launch from the app, it says that it’s impossible to open without any infos. When I try to laiunch from the terminal via wireshark command. It just say operation not permitted, even in sudo mode and even if I launch directly from /Applications/Wireshark.app/Contents/MacOS.

I’ve tried to compare with a friend who also possess a M1 Mac and we got exactly the same rights.

I’ve tried to disable protections from app too with the command sudo spctl --master-disable. Same thing, it didn’t work, always the same error message.

Does someone got the same issue at one point ?

edit retag flag offensive close merge delete

Comments

What is 'last stable version'? Can you give us a number?

Jaap gravatar imageJaap ( 2022-08-30 04:12:38 +0000 )edit

What is all the text that's printed if you run wireshark from the command line? (Not just the "operation not permitted" part, but everything that's printed after you hit "return".)

Guy Harris gravatar imageGuy Harris ( 2022-08-30 06:17:20 +0000 )edit

@Guy Harris, it’s written zsh: operation not permitted: wireshark

Riesartman gravatar imageRiesartman ( 2022-08-30 06:46:43 +0000 )edit

@Jaap the last stable version is 3.6.7. I’ve tried also the 3.4.15 version but same error

Riesartman gravatar imageRiesartman ( 2022-08-30 06:47:40 +0000 )edit

Let's see, what's the output for spctl -a /Applications/Wireshark.app? You might need to enable it first to get some valid response.

Jaap gravatar imageJaap ( 2022-08-30 13:03:53 +0000 )edit

1 Answer

Sort by » oldest newest most voted
0

answered 2022-08-30 16:15:38 +0000

Riesartman gravatar image

Ok I’ve got /Applications/Wireshark.app: File created by an AppSandbox, exec/open not allowed. So i tried to use the command xattr -l /Applications/Wireshark.app and I’ve got com.apple.quarantine: 0186;630c937d;com.apple.WebKit.Networking;. So I was wondering maybe it’s because I’ve download it from a special web browser called « SigmaOS » that is sandboxed. And it appears that if I download Wireshark from Chrome, I can launch it now. So it’s solved and but a bit incovenient for the browser that I use but it’s not Wireshark related.

edit flag offensive delete link more

Comments

Safari's also sandboxed, but, at least as of when this was described to me, the code that implements the file open/save dialog box in Cocoa runs a non-sandboxed process and does something such as do the open of the file to read or write (so the file is, for example, created by a non-sandboxed process) and hands it to the sandboxed code to write to, allowing a sandboxed app to write files that aren't locked up. Perhaps SigmaOS is doing things differently; you might want to report this to the SigmaOS people as a bug.

Guy Harris gravatar imageGuy Harris ( 2022-08-30 18:42:30 +0000 )edit

I’ve discussed with a developer of sigmaos browser. They made a mistake when changing com.apple.quarantine so it explains why there are some issues with certain files. It’s not at all Wireshark related.

Riesartman gravatar imageRiesartman ( 2022-08-30 19:05:50 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2022-08-29 22:12:19 +0000

Seen: 827 times

Last updated: Aug 30 '22