Nmap Development mailing list archives

nmap to use with sudo (but prevent privilege escalation vectors)


From: "spearphish () gmail com" <spearphish () gmail com>
Date: Wed, 18 Oct 2023 10:55:12 +0800

I'm trying to configure nmap to use with sudo without allowing privilege
escalation. Managed to come up with several sudoers rules for it to be
usable without allowing privilege escalation (e.g. using noexec, not
allowing scripts, etc).

However, there is an issue with the "-iL" parameter, as this can be used to
read any privileged file/s (including root only files e.g. /etc/shadow).

(Question 1:) Any recommendation for it to still be allowed with sudo but
not be able to read privileged files?

Tried setting up a sudoer rule for it to only be usable in a specific
directory but that was easily bypassed by using symlink/s.

(Question 2:) Also, any recommendation for other nmap output parameters
(e.g. -oG, -oN, -oX, etc.) to be still usable with sudo but not be able to
overwrite privileged files?

Already have a sudoer rule to prevent appending to files via not allowing
"--append-output"; however, those output parameters can still be used to
disrupt the system (e.g. overwrite a critical system file).

(Question 3:) Also have read:
https://secwiki.org/w/Running_nmap_as_an_unprivileged_user - there is a
warning/security concern but do you think this would be a better approach
rather than coming up with several sudoers rules to prevent privilege
escalation?

Appreciate it if there would be any response.

Many thanks in advance.

Best Regards,
Ameer Pornillos
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at https://seclists.org/nmap-dev/
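
The symlink bypass and the "-iL" file read described in the post, handled by a wrapper instead of sudoers path rules; this is an added example, not part of the original message or of Nmap. The function names are hypothetical, and it assumes the wrapper is the only command sudo permits and that `scan_args` has already passed the wrapper's own option allowlist.

```python
import os
import stat
import subprocess

def open_target_list(path, owner_uid):
    """Open an -iL target list without following a symlink at `path`, and
    accept it only if it is a regular file owned by `owner_uid`."""
    # O_NOFOLLOW makes open() fail when the final path component is a symlink.
    # O_NONBLOCK keeps the open from hanging on a FIFO before it is rejected.
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK | os.O_CLOEXEC
    try:
        fd = os.open(path, flags)
    except OSError as exc:
        raise PermissionError(f"refusing target list {path!r}: {exc.strerror}")
    # Check the opened descriptor, not the path, so the file cannot be swapped
    # between check and use. A symlinked parent directory or a hard link still
    # ends at an inode whose owner is checked here.
    st = os.fstat(fd)
    if not stat.S_ISREG(st.st_mode) or st.st_uid != owner_uid:
        os.close(fd)
        raise PermissionError(f"refusing target list {path!r}: "
                              "not a regular file owned by the invoking user")
    return fd

def run_scan(list_path, scan_args):
    """Hypothetical entry point for a root-run wrapper (sudo sets SUDO_UID).
    Assumption: scan_args was already checked against an option allowlist."""
    fd = open_target_list(list_path, int(os.environ["SUDO_UID"]))
    try:
        # "-iL -" reads targets from stdin and "-oN -" writes the report to
        # stdout, so nmap itself never receives a user-chosen file name.
        cmd = ["nmap", *scan_args, "-iL", "-", "-oN", "-"]
        return subprocess.run(cmd, stdin=fd, check=False).returncode
    finally:
        os.close(fd)
```

Because the report goes to stdout, the invoking user redirects it with their own shell and their own privileges, which keeps the output options from writing files as root.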