Nmap Development mailing list archives
Re: [NMAP::Patch] Add support for check Linux capabilities privileges
From: Leonardo Amaral <leleobhz () leleobhz org>
Date: Sun, 13 Dec 2009 21:11:08 -0200
David Fifield wrote:
> On Tue, Dec 01, 2009 at 09:41:37AM -0200, Leonardo Amaral wrote:
> > Hello List!
> >
> > (It's more or less equal to the mail I've sent to Fyodor)
> >
> > As an inspired guy with insomnia (4:15 a.m. here :p), I've created a patch to support capabilities. It worked very well, but this patch should be revised so that it doesn't have problems with security. I think the kernel, knowing the app capabilities, allows the operation automatically. I've defined these as the required capabilities:
> >
> > CAP_NET_ADMIN
> >     Perform various network-related operations (e.g., setting privileged socket options, enabling multicasting, interface configuration, modifying routing tables).
> > CAP_NET_BROADCAST
> >     (Unused) Make socket broadcasts, and listen to multicasts.
> > CAP_NET_RAW
> >     Use RAW and PACKET sockets.
> >
> > I'm sending the patch attached to version 5.10BETA1.
>
> Hi. This is a nice idea. If I understand correctly, this would allow nmap to be installed not setuid, with only a few capabilities set, so that non-root users could run privileged scans.

Right!

> It would be good for security to run Nmap as a normal user, so that any security exploits wouldn't have access to everything root has access to, only some network and packet-sending privileges.

No more suid/sgid/sudo/su/whatever :]

This is a Linux-specific implementation, and this is the reason to only compile this support on Linux - detecting it in the configure script.

> We could encourage distributors to install it that way, perhaps with execution limited to an nmap group or something.
>
> For this patch to be included, it will have to compile on all the platforms Nmap compiles on now. That will mean checking for capabilities support in configure.ac, and then conditionally compiling the parts that use capabilities.

I'm a sysadmin that loves programming, but I'm not yet a hard programmer and I don't know implementation issues about security (things like gets() and fgets() usage concerning overflows). I'm afraid I forgot something or used some function that is not recommended. Nothing about the security of capabilities (if it's insecure, it is a Linux kernel problem - which makes me think that if capabilities per se are a problem, the Linux kernel will have bigger problems to solve concerning security than this - and anyway, capabilities come to fix suid for every application for a specific usage - like nmap)

> What do you mean when you say the patch should be revised not to have problems with security?
>
> David Fifield

P.S.: Sorry about my very, very bad English writing :]
P.S.2: Sorry for the HTML mail. New mail client here.

--
Leonardo Amaral - Linux System Administrator
LPI ID: LPI000106747 Level 2 certified (Verifier hgwxf77vau)
Tel: +55 31 8542-7467 / +55 31 4062-7411

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
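
Added example (not the patch attached to the original mail, which is not reproduced on this page): a conditionally compiled check that the process holds CAP_NET_ADMIN and CAP_NET_RAW in its effective set, with a `geteuid() == 0` fallback where capabilities are unavailable. The function names `has_required_caps`, `parse_capeff` and `is_privileged` are hypothetical, and the `/proc` status text is constructed.

```c
#define _GNU_SOURCE  /* for syscall() */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <linux/capability.h>
#include <sys/syscall.h>
#else  /* other platforms: numbers only needed so the helpers compile */
#define CAP_NET_ADMIN 12
#define CAP_NET_RAW 13
#endif
/* Capabilities the mail lists as required (CAP_NET_BROADCAST is marked unused there). */
#define REQUIRED_CAPS ((1ULL << CAP_NET_ADMIN) | (1ULL << CAP_NET_RAW))

/* Return 1 if every required bit is set in an effective-set bitmask. */
int has_required_caps(uint64_t effective) {
    return (effective & REQUIRED_CAPS) == REQUIRED_CAPS;
}

/* Parse the "CapEff:" line of /proc/<pid>/status text; 0 on success, -1 otherwise. */
int parse_capeff(const char *status, uint64_t *out) {
    const char *p = strstr(status, "CapEff:");
    unsigned long long v;
    if (p == NULL || sscanf(p + 7, "%llx", &v) != 1) return -1;
    *out = v;
    return 0;
}

/* Hypothetical stand-in for a geteuid() == 0 privilege test. */
int is_privileged(void) {
#ifdef __linux__
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];
    memset(data, 0, sizeof data);
    if (syscall(SYS_capget, &hdr, data) == 0)  /* pid 0 = calling process */
        return has_required_caps(((uint64_t)data[1].effective << 32) | data[0].effective);
#endif
    return geteuid() == 0;  /* no capability support: fall back to the root check */
}

int main(void) {
    /* Constructed sample: status text of a process holding CAP_NET_ADMIN and CAP_NET_RAW. */
    uint64_t eff = 0;
    if (parse_capeff("Name:\tnmap\nCapEff:\t0000000000003000\n", &eff) == 0)
        printf("sample has required caps: %d\n", has_required_caps(eff));
    printf("this process is privileged: %d\n", is_privileged());
    return 0;
}
```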