Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Patch] Automatically switch to privileged when Nmap has required capabilities

From: Patrick Donnelly <batrick () batbytes com>
Date: Wed, 13 Aug 2014 12:15:04 -0400
On Wed, Aug 13, 2014 at 8:36 AM, Daniel Miller <bonsaiviking () gmail com> wrote:

  * When installing Nmap through "make install", we can grant the
    capabilities (by default) so that users can use privileged features
    without the security risk of running as root.



This is not a good idea, because these capabilities are protecting
privileged operations that admins may not want to grant to regular users.
Specifically, being able to sniff network traffic, possibly being permitted
to manage network interfaces, etc. On the other hand, we could ship a
simple script to do this, or create a new make target, "make setcap" or
something, to make it easier for people to do it on their own.


I agree with Dan here. Of particular concern is the ability of a user
to run arbitrary NSE scripts that can sniff network traffic and create
packets with malicious headers.

I do very much like the idea of Nmap downgrading privileges when run
as root, keeping only the capabilities that it needs.

-- 
Patrick Donnelly
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: