Moved the setuid check from main.cc to nmap.cc after option parsing so that I can use error() and have it write to output file with --log-errors, etc. I did receive a complaint that the setuid warning isn't converted to script kiddie mode when -oS is enabled. If we decide that we want script kiddify error messages, we'll have to add that support to error()

2026-01-06 06:29:03 +00:00 · 2012-06-02 18:08:39 +00:00
parent 2637fa19f4
commit 4402144394
2 changed files with 17 additions and 17 deletions
--- a/main.cc
+++ b/main.cc
@@ -132,20 +132,6 @@ extern NmapOps o;  /* option structure */

 extern void set_program_name(const char *name);

-#ifdef WIN32
-static void check_setugid(void) {
-}
-#else
-/* Show a warning when running setuid or setgid, as this allows code execution
-   (for example NSE scripts) as the owner/group. */
-static void check_setugid(void) {
-  if (getuid() != geteuid())
-    log_write(LOG_PLAIN, "WARNING: Running Nmap setuid, as you are doing, is a major security risk.\n");
-  if (getgid() != getegid())
-    log_write(LOG_PLAIN, "WARNING: Running Nmap setgid, as you are doing, is a major security risk.\n");
-}
-#endif
-
 int main(int argc, char *argv[]) {
  /* The "real" main is nmap_main().  This function hijacks control at the
     beginning to do the following:
@@ -162,9 +148,6 @@ int main(int argc, char *argv[]) {

  set_program_name(argv[0]);

-  /* Warn if setuid/setgid. */
-  check_setugid();
-
 #ifdef __amigaos__
 	if(!OpenLibs()) {
 		error("Couldn't open TCP/IP Stack Library(s)!");