[Openvas-discuss] GSA broken when it comes to editing scan config files - what's the best way around that?

Whit Blauvelt whit at transpect.com
Wed Aug 8 21:55:46 CEST 2012


On Wed, Aug 08, 2012 at 09:21:46PM +0100, Matthew Mundell wrote:

> OK.  I guess you have some setup problem.  I wonder if nmap is on the path
> of the user that is running openvassd.

An intereting question. The process table shows openvassd processes all
being run by root. I'm not sure which path root sees in that context, but
nmap is in the normal /usr/bin location, and easily seen by root from the
console. Does openvassd reset the path to something other than system
standard just if it's run by root? Is it designed to only be started after
changing to another user, yet without the smarts to refuse to run for root?

Most daemons these days can be started by root, and change to other users
for their processes when appropriate. But if the components here require
being started under a special account instead of root, it wouldn't be the
first instance of that requirement.

> > Please don't take this as a hostile review.
> 
> I did not think it hostile.  It's impressive that you keep trying.

Humorous even?

Best,
Whit



More information about the Openvas-discuss mailing list