Nmap Development mailing list archives
Re: Running NMAP as a non root user - patch
From: Fyodor <fyodor () insecure org>
Date: Mon, 16 May 2005 11:54:22 -0700
On Mon, May 16, 2005 at 12:51:47PM +0300, Uri Gilad wrote:
using the linux kernel capabilities ( http://ftp.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.4/capfaq-0.2.txt), and the following patch for nmap it is possible to run nmap as a non-root user granting it only raw network capabilities.
Good point. I have modified Nmap as follows for the next version: Added new --privileged command-line option and NMAP_PRIVILEGED environmental variable. Either of these tell Nmap to assume that the user has full privileges to execute raw packet scans, OS detection and the like. This can be useful when Linux kernel capabilities or other systems are used that allow non-root users to perform raw packet or ethernet frame manipulation. Without this flag or variable set, Nmap bails on UNIX if geteuid() is nonzero. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Running NMAP as a non root user - patch Uri Gilad (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch uzy (May 16)
- Re: Running NMAP as a non root user - patch Richard Moore (May 16)
- Re: Running NMAP as a non root user - patch Felix Gröbert (May 16)
- Message not available
- Re: Running NMAP as a non root user - patch Emmanuel Goldstein (May 16)
- Re: Running NMAP as a non root user - patch Fyodor (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch Pablo Fernández (May 16)
- Re: Running NMAP as a non root user - patch (capabilities) Martin Mačok (May 17)
- Re: Running NMAP as a non root user - patch (capabilities) Richard Moore (May 17)
- <Possible follow-ups>
- RE: Running NMAP as a non root user - patch Uri Gilad (May 16)