Am Freitag, 18. Juni 2010 14:30:31 schrieb Michael Wiegand: > Currently, all NVTs launched by openvas-scanner are running with the > privileges of their parent process, which is in most cases root. The vast > majority of NVTs does not actually need root privileges. > > Since a lot folks have the perfectly understandable desire to have as few > things running as root as possible, I've created a draft of a patch which > adds a new preference called "drop_privileges" to the openvas-scanner.
Since there were no objections, I've extended the patch to cover CNVTs (aka NES plugins) as well and have committed it to the SVN trunk. Be aware however that privilege dropping is not guaranteed to work in non-Linux environments. As always, if there are any open questions regarding this patch feel free to let me know. Regards, Michael -- Michael Wiegand | Greenbone Networks GmbH | http://www.greenbone.net/ Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
