Re: [Patch] Automatically switch to privileged when Nmap has required capabilities

[Patrick Donnelly <batrick () batbytes com>]

On Sun, Aug 17, 2014 at 9:31 AM, Jay Bosamiya <jaybosamiya () gmail com> wrote:
> If capabilities exist for the nmap executable file, then use them
> If --unprivileged is used, then drop privileges (and also drop capabilities)
> If run as root, then drop privileges without losing the capabilities that it
> needs
> The user to drop to is currently fixed to "nobody" but the code has been
> written in such a way that it will be trivial to add a CLI option to choose
> the user to drop to (just have to do a `o.drop_user = strdup(optarg);`). I
> have currently not added such a CLI option because of being unsure of the
> security implications of this.
> Two new make targets
>
> "make setcap" grants capabilities to the nmap executable in the same
> directory
> "make setcap-install" grants capabilities to nmap executable in the
> installation path
>
> Feedback is welcome as always :)

Great work on this patch Jay! One last comment/question: how does this
change effect opening various files at startup, especially log files?

e.g. if as root I do:

$ pwd
/root
$ nmap -A localhost -oN nmap.txt

will that fail because nmap can't open nmap.txt after dropping
privileges? What about opening script files/libraries?

Do we/should we start opening these files ahead of time?

-- 
Patrick Donnelly
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/