Nmap Development mailing list archives
Re: Running NMAP as a non root user - patch
From: Fyodor <fyodor () insecure org>
Date: Mon, 16 May 2005 19:47:49 -0700
On Mon, May 16, 2005 at 10:48:00PM +0200, Felix Gröbert wrote:
A setuid nmap executeable is a bad idea. So do not chmod +s it if your friend wants to test his firewall rules from your box:
I agree. And the man page makes this crystal clear in 2 places: "nmap should be run as root whenever possible (not setuid root, of course)." "Nmap should never be installed with special privileges (eg suid root) for security reasons."
A nice backdoor... --interactive isn't in the man page, maybe for a reason
It's not a backdoor, since people have to install Nmap in a non-default way in direct violation of repeated security warnings in the man page in order to be "vulnerable". And as others have noted on this thread, interactive mode is only one of many huge security risks of running Nmap setuid. Interactive mode isn't in the man page, though here is the text from the release announcement when it was added more than 5 years ago: "[2.3BETA12] contains some cool new features. One is interactive mode, which gives you an interactive Nmap prompt and allows you easily launch multiple scans (either synchronously or in the background). This is useful for people who scan from multi-user systems -- they often want to test their security without letting everyone else on the system knowing exactly what systems they are scanning. Use --interactive to activate this mode and then type 'h' for help." --http://seclists.org/lists/nmap-hackers/2000/Jan-Mar/0000.html I've added a short note about --interactive to the man page for the next Nmap. But it is a relatively useless option that I may eventually remove. Your normal shell is probably much more convenient. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Running NMAP as a non root user - patch Uri Gilad (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch uzy (May 16)
- Re: Running NMAP as a non root user - patch Richard Moore (May 16)
- Re: Running NMAP as a non root user - patch Felix Gröbert (May 16)
- Message not available
- Re: Running NMAP as a non root user - patch Emmanuel Goldstein (May 16)
- Re: Running NMAP as a non root user - patch Fyodor (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch (capabilities) Martin Mačok (May 17)
- Re: Running NMAP as a non root user - patch (capabilities) Richard Moore (May 17)
- <Possible follow-ups>
- RE: Running NMAP as a non root user - patch Uri Gilad (May 16)