On Sunday 05 October 2008 22:19:38 Jason Haar wrote: > So what you're really saying is that if anyone expects Nessus to be able > to provide a comprehensive report against Unix systems, then it has to > run as root-equivalent?
root is necessary for the "audit" tests. Patch checking can be done without extended privileges on most OS but root is necessary on Trusted Solaris IIRC. On Gentoo, the account must at least be in the "portage" group. There might be additions restrictions if the system is running GrSec, SELinux or any similar security system... > I think that needs saying, as otherwise people might be thinking > otherwise and producing poor reports. Yes, it is definitely better to run as root. > I still think the "unpriv-account-running-sudo" option is better than > directly running as root as sudo logs all invocations via syslog sudo is also necessary on systems where the root account is disabled (Ubuntu and MacOS for example) _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
