Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Testing packages for Zenmap on Mac OS X now available
From: David Fifield <david () bamsoftware com>
Date: Wed, 30 Apr 2008 19:11:18 -0600

On Wed, Apr 23, 2008 at 05:43:38PM -0600, Nathan wrote:
I'll address my comments to the generic "you" knowing that I really
have no idea who is doing the actual development on this project.

 2. Make an installer that copies Nmap command-line programs to /usr/bin
   and Zenmap.app to /Applications.

I believe the preferred location for custom command-line binaries to
be installed on OS X is /usr/local/bin.  I vote for this option.

That's what I decided too.

 Zenmap doesn't run as root. I haven't found a convenient way to run it
 as root. You can do it by peeking inside the application bundle:
        sudo /Volumes/Zenmap-4.60/Zenmap.app/Contents/MacOS/zenmap
 But there has to be a better way. Please write nmap-dev () insecure org if
 you have suggestions.

Why does Zenmap require to be run as root?  Isn't it just a gui?  If
it's just to call nmap with root privileges, you should really
consider calling nmap with sudo or something similar.  It's not
unheard of for GUI apps who actually do need some root privileges at
some point to use the appropriate OS X framework to prompt the user
for their password when necessary.

That's a good point. Nmap on Mac OS X may not even need root as long as
it can read and write the /dev/bpf* devices, although the current
version insists on root. Wireshark ships with a ChmodBPF script that
gives read and write access to those devices to everyone in the admin
group. I plan to look into this.

 /usr/local/bin is not in the default PATH. As mentioned above, currently
 you have to install Nmap separately. When Nmap is compiled from source,
 by default it is installed in /usr/local/bin. But /usr/local/bin is
 *not* in the default OS X PATH! You will see an error in Zenmap:
 "[Errno 2] No such file or directory". I don't recommend installing Nmap
 with a prefix of /usr, but you can make a symbolic link from
 /usr/bin/nmap to /usr/local/bin/nmap and it will work fine.

Ah, so that's your reason for avoiding /usr/local/bin.  Couldn't
Zenmap simply check for /usr/local/bin/nmap explicitly?  It IS the
default installation location, after all...

Zenmap now looks in /usr/local/bin if it can't find nmap anywhere else
on Mac OS X.

David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]