Nmap Development mailing list archives
Re: Running NMAP as a non root user - patch
From: uzy () isecurelabs com
Date: Mon, 16 May 2005 12:15:37 +0200
Nmap offers several commandline parameters that allow to write to files or to read from files. Using these flags, a user could be able to get sensitive information from files he doesn't have the right to read. He could also be able to overwrite essential files. I haven't seen the patch file in the mail from Uri Gilad, can you send it again with the file ? :) Thanks Pablo Fernández writes:
I wonder how a chown root nmap; chmod +s nmap; installation would be a security risk (given that nmap doesn't have a large vulnerability records (that am I aware of)). Any comments on this? Best regards.
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Running NMAP as a non root user - patch Uri Gilad (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch uzy (May 16)
- Re: Running NMAP as a non root user - patch Richard Moore (May 16)
- Re: Running NMAP as a non root user - patch Felix Gröbert (May 16)
- Message not available
- Re: Running NMAP as a non root user - patch Emmanuel Goldstein (May 16)
- Re: Running NMAP as a non root user - patch Fyodor (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch (capabilities) Martin Mačok (May 17)
- Re: Running NMAP as a non root user - patch (capabilities) Richard Moore (May 17)
- <Possible follow-ups>
- RE: Running NMAP as a non root user - patch Uri Gilad (May 16)