b) would in general be a lot safer, in that you're elevating one process rather than lowering a privileged interface so that every process you run can sniff it.
Correct - Least Privilege says you do the absolute least you need to do in order to make things work, so that any errors are limited to that one part of the system.
What's been done here by Wireshark isn't least privilege, or secure. Its like the opposite of least privilege and security.
What's been done here by Wireshark isn't least privilege, or secure. Its like the opposite of least privilege and security.