[Openvas-discuss] Local security checks privileges

Thomas Reinke lists at securityspace.com
Fri Aug 17 03:01:03 CEST 2012


Depends on the distribution/OS being checked.

For Linux distributions, you typically need to be able to run

    uname -a
    rpm, dpkg, or have read access to certain directories.

I'm probably missing some, but afaik, most of the LSCs can
run with any login credential, as the above commands are
not priviledged when used in read-only as is being done
by the scanner.

You can check "gather-package-list.nasl" and view the logic
yourself there.

Thomas

On 16/08/12 08:17 PM, Juan José Pavlik Salles wrote:
> Hi, how much privileges does the local sec check user need to run?
> 
> 
> 
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




More information about the Openvas-discuss mailing list