Nmap Development mailing list archives
Re: Privilege checks in broadcast-* scripts
From: Henri Doreau <henri.doreau () greenbone net>
Date: Fri, 13 Jan 2012 15:00:16 +0100
Hi Patrik, 2012/1/13 Patrik Karlsson <patrik () cqure net>:
Good catch Henri. But is the rootfail check really necessary? According to my understanding and nsedoc the prerule scripts only run once: "prerule scripts run once, before any hosts are scanned, during the script pre-scanning phase."
you're right, for these three prerule scripts we can probably avoid bloating the registry with the rootfail check.
In regards to the checks in the action code, I initially thought we could remove them. Then I remembered the force patch that we introduced recently and realized that we probably need them in the action method too.
That's also my concern. On the other hand if someone forces the execution of a script it's maybe better to let the code run. An error will be raised anyway if nmap can't open the pcap descriptor at all. I would suggest that we perform the checks in the prerules, and make them display the "<script> not running for lack of privileges." message, for consistency. Regards. -- Henri _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 13)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 13)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 14)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 14)
- Re: Privilege checks in broadcast-* scripts Kris Katterjohn (Jan 14)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 15)
- Re: Privilege checks in broadcast-* scripts Kris Katterjohn (Jan 15)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 15)
- Re: Privilege checks in broadcast-* scripts Kris Katterjohn (Jan 15)
- Re: Privilege checks in broadcast-* scripts Henri Doreau (Jan 13)
- Re: Privilege checks in broadcast-* scripts Patrik Karlsson (Jan 13)