Re: Patches for a log_output bugfix, and a --no-clobber implementation

[David Fifield <david () bamsoftware com>]

On Thu, Oct 06, 2011 at 06:29:38PM -0500, Kris Katterjohn wrote:
> On 10/06/2011 06:14 PM, David Fifield wrote:
> > On Thu, Sep 15, 2011 at 01:33:48AM +0200, Dominic White wrote:
> > > Thanks for the helpful feedback David, you made a first time post
> > > easy. Some questions, if you wouldn't mind inline.
> > >
> > > On 14 Sep 2011, at 6:38 PM, David Fifield wrote:
> > > > > The second set of patches provide two methods of implementing a
> > > > > --no-clobber function. I regularly find myself overwriting scans by
> > > > > hitting the up key in my CLI, editing the options but forgetting to
> > > > > update the -oA argument. I know this is "human error" and the --append
> > > > > flag technically caters for this. However, --append doesn't fit
> > > > > cleanly, as a user usually wouldn't mean to append to that file in the
> > > > > case of error. People who, like me, have this problem can alias "nmap"
> > > > > to "nmap --no-clobber" in their shell environment.
> > > >
> > > > For this, have you considered using %D and %T in your log file names?
> > > > Those magic sequences get replaced by the current date or time. If you
> > > > run
> > > >   nmap -oA log-%T
> > > > then Nmap won't clobber files, unless you do it more than once a second.
> > >
> > > I have, the problem is when I am being somewhat careless in the thick
> > > of a pentest. Hence the want to have it alias'ed in my shell, to
> > > prevent such carelessness.
> >
> > I'm not sure what to do about this patch. I'm afraid it may not be
> > useful enough to justify adding yet another option. But maybe there have
> > been other people who have had trouble with log files being clobbered,
> > and just never spoke up about it. I'm inclined to accept the patch, but
> > only if some people speak up for it.
>
> I used to occasionally (well, rarely) clobber files, but never since I
> implemented the log file sequences like %T (which has been quite a while).
>
> I don't really think the suggested behavior is important or useful enough
> (given %T, etc.) to add an option for it, but if it does get added then I
> think it should maybe be renamed to something like "--no-clobber-output" to
> match "--append-output" (sorry if this was mentioned before, I only skimmed
> this thread again).

Thanks, Kris. Sounds like we should not add this new option, and rely on
the timestamps instead.

Thanks for your patch, Dominic, even if we didn't use it.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/