Nmap Development mailing list archives

[PATCH] prevent NSE initialization when no scripts are to be used
From: Solar Designer <solar () openwall com>
Date: Sat, 18 Jul 2009 16:23:30 +0400

Hi,

In the Owl package of Nmap, we're patching "nmap" to chroot to
/var/empty "whenever possible".  Previously, this meant "when running as
root and with the -n option" (indeed, our patched "nmap" would also drop
root privs upon obtaining the raw socket).  We've just started building
Nmap with NSE support enabled, and this broke our "drop privs" patch for
the case mentioned above.  It turns out that Nmap would try to load the
NSE libraries and scripts even when those are not to be used (at least
in our current understanding), and this sounds like a bug to us even if
the "drop privs" patch is not there.

Michail Litvak has developed a patch (attached) to prevent NSE
initialization when no scripts are to be used.  We'd appreciate a review
and any comments, and if our understanding and the patch are correct,
we'd appreciate the patch getting applied upstream.

As to the "drop privs" patch, Michail has updated it to initialize NSE
(when needed) prior to dropping privs, but that's a separate topic, and
we do not expect this patch to be accepted upstream in its current
Unix-only form.

Our patches may be seen at:

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/nmap/

Thanks,

Alexander

Attachment: nmap-5.00-owl-nse_open.diff
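As an added illustration of the ordering the mail describes (acquire the raw socket while still root, then chroot to /var/empty and drop root, with anything that needs root, such as NSE initialization, done before the drop), here is a stand-alone C example written for this page; it is not the Owl patch or Nmap's own code. The jail path, the unprivileged uid/gid 65534 and the function names are assumptions.

```c
/* Added example, not Nmap or Owl code: acquire the privileged resource,
 * then confine and drop root, then verify the drop cannot be undone.
 * Anything that needs root or filesystem access (raw socket, NSE init in
 * Nmap's case) must happen before drop_privileges(). */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>

/* Step 1: acquire the privileged resource while still root (needs CAP_NET_RAW). */
int open_raw_socket(void) {
    return socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
}

/* Step 2: confine and drop.  Order matters: chroot() itself needs root,
 * chdir("/") must follow it so no cwd handle points outside the jail, and
 * the group changes must precede setuid() because they need root too.
 * Returns 0 on success, -1 with errno set otherwise. */
int drop_privileges(const char *jail, uid_t uid, gid_t gid) {
    if (chroot(jail) != 0 || chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0) return -1;   /* clear supplementary groups */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;          /* sets real, effective and saved uid */
    return 0;
}

/* Step 3: confirm root is gone and cannot be regained (saved uid cleared). */
int privileges_dropped(void) {
    if (getuid() == 0 || geteuid() == 0) return 0;
    if (setuid(0) == 0 || seteuid(0) == 0) return 0;   /* must fail with EPERM */
    return 1;
}

int main(void) {
    int fd = open_raw_socket();
    if (fd < 0) { perror("socket"); return 1; }
    /* Assumed jail directory and unprivileged ids (typically "nobody"). */
    if (geteuid() == 0 && drop_privileges("/var/empty", 65534, 65534) != 0) {
        perror("drop_privileges");
        return 1;
    }
    if (!privileges_dropped()) { fprintf(stderr, "still privileged\n"); return 1; }
    close(fd);   /* the socket acquired as root remains usable after the drop */
    return 0;
}
```

Treat any failure in drop_privileges() or privileges_dropped() as fatal rather than continuing with a partially dropped process.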
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
