Nmap Development mailing list archives
Re: [Patch] Automatically switch to privileged when Nmap has required capabilities
From: nnposter () users sourceforge net
Date: Wed, 13 Aug 2014 16:08:25 +0000
Daniel Miller wrote:
This is not a good idea, because these capabilities are protecting privileged operations that admins may not want to grant to regular users. Specifically, being able to sniff network traffic, possibly being permitted to manage network interfaces, etc. On the other hand, we could ship a simple script to do this, or create a new make target, "make setcap" or something, to make it easier for people to do it on their own.
In agreement with Dan, I like the Ubuntu approach for Wireshark: Dumpcap is installed as a regular binary and the system admin then has the option to use dpkg-reconfigure to set the relevant capabilities. (The Ubuntu package for nmap does not offer anything in this respect.) For internal use I manage a Debian package for nmap, imitating the Ubuntu approach to Wireshark. I will be happy to post the corresponding post-install/post-remove scripts if anybody is interested. Cheers, nnposter _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [Patch] Automatically switch to privileged when Nmap has required capabilities Jay Bosamiya (Aug 13)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Daniel Miller (Aug 13)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities nnposter (Aug 13)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Patrick Donnelly (Aug 13)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Jay Bosamiya (Aug 17)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Patrick Donnelly (Aug 18)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Daniel Miller (Aug 18)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Jay Bosamiya (Aug 18)
- Re: [Patch] Automatically switch to privileged when Nmap has required capabilities Daniel Miller (Aug 13)