--- tcpdump-3.9.4/tcpdump.c.ring	2005-08-23 12:29:41.000000000 +0200
+++ tcpdump-3.9.4/tcpdump.c	2005-12-20 13:32:45.000000000 +0100
@@ -109,7 +109,8 @@
 static void ndo_default_print(netdissect_options *, const u_char *, u_int);
 static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *);
 static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
-static void droproot(const char *, const char *);
+static void droproot(const char *, const char *, int);
+static void setroot(void);
 static void ndo_error(netdissect_options *ndo, const char *fmt, ...);
 static void ndo_warning(netdissect_options *ndo, const char *fmt, ...);
 
@@ -295,6 +296,7 @@
 	char	*WFileName;
 	pcap_t	*pd;
 	pcap_dumper_t *p;
+	char    *username;
 };
 
 static void
@@ -366,9 +368,10 @@
 #ifndef WIN32
 /* Drop root privileges and chroot if necessary */
 static void
-droproot(const char *username, const char *chroot_dir)
+droproot(const char *username, const char *chroot_dir, int set_uid)
 {
 	struct passwd *pw = NULL;
+	int    res;
 
 	if (chroot_dir && !username) {
 		fprintf(stderr, "tcpdump: Chroot without dropping root is insecure\n");
@@ -384,8 +387,11 @@
 				exit(1);
 			}
 		}
-		if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
-		    setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
+		res = (initgroups(pw->pw_name, pw->pw_gid) != 0) || 
+			(set_uid ? (setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) :
+                                   (setegid(pw->pw_gid) != 0 || seteuid(pw->pw_uid) != 0));
+                
+		if (res) {
 			fprintf(stderr, "tcpdump: Couldn't change to '%.32s' uid=%lu gid=%lu: %s\n",
 			    username, 
 			    (unsigned long)pw->pw_uid,
@@ -400,6 +406,17 @@
 		exit(1);
 	}
 }
+
+/* Set root privileges */
+static void
+setroot(void)
+{
+	if (setegid(0) != 0 || seteuid(0) != 0) {
+           fprintf(stderr, "tcpdump: Couldn't change to root uid=0 gid=0: %s\n",
+                            pcap_strerror(errno));
+                            exit(1);
+	}
+}
 #endif /* WIN32 */
 
 static int
@@ -463,6 +480,7 @@
 	int devnum;
 #endif
 	int status;
+	int set_uid = 1;
 #ifdef WIN32
 	u_int UserBufferSize = 1000000;
 	if(wsockinit() != 0) return 1;
@@ -972,7 +990,9 @@
 			dumpinfo.WFileName = WFileName;
 			dumpinfo.pd = pd;
 			dumpinfo.p = p;
+			dumpinfo.username = username;
 			pcap_userdata = (u_char *)&dumpinfo;
+			set_uid = 0;
 		} else {
 			callback = dump_packet;
 			pcap_userdata = (u_char *)p;
@@ -998,7 +1018,7 @@
 	 */
 	if (getuid() == 0 || geteuid() == 0) {
 		if (username || chroot_dir)
-			droproot(username, chroot_dir);
+			droproot(username, chroot_dir, set_uid);
 	}
 #endif /* WIN32 */
 #ifdef SIGINFO
@@ -1181,7 +1201,14 @@
 		if (name == NULL)
 			error("dump_packet_and_trunc: malloc");
 		MakeFilename(name, dump_info->WFileName, Cflag_count, WflagChars);
+#ifndef WIN32
+		setroot();
+#endif /* WIN32 */
 		dump_info->p = pcap_dump_open(dump_info->pd, name);
+#ifndef WIN32
+                if (dump_info->username)
+			droproot(dump_info->username, NULL, 0);
+#endif /* WIN32 */
 		free(name);
 		if (dump_info->p == NULL)
 			error("%s", pcap_geterr(pd));