Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Privilege checks in broadcast-* scripts

From: Henri Doreau <henri.doreau () greenbone net>
Date: Sat, 14 Jan 2012 20:44:07 +0100
Hi Patrik,

2012/1/14 Patrik Karlsson <patrik () cqure net>:

While implementing another script today I saw one drawback of having this
check in the prerule.
I would personally prefer the script to return the error as a script result
rather than having to run nmap in verbose/debug mode to find out that it's
"silently" failing due to permission issues. What do you think?


well, just my opinion but I think that having the check in the script
rule is better.

As a user I would find annoying to have "lack of privileges" messages
within the script results, that would also end up in XML reports...
As a script writer, if a script fails at delivering results one of the
first things I would do is to re-run nmap with an higher verbosity
level, so I don't find the current situation problematical.

I would therefore rather prefer to avoid mixing error messages -that
don't bring any information about the target- and actual script
results.

What do other people think about it?

Regards.

-- 
Henri
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: