Date: Sun, 28 Mar 2021 20:55:50 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 254632] security/py-ospd-openvas: Set PATH prior to startup, run daemon as root Message-ID: <bug-254632-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D254632 Bug ID: 254632 Summary: security/py-ospd-openvas: Set PATH prior to startup, run daemon as root Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: acm@FreeBSD.org Reporter: ltning-freebsd@anduin.net Assignee: acm@FreeBSD.org Flags: maintainer-feedback?(acm@FreeBSD.org) Created attachment 223675 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D223675&action= =3Dedit Patch for rc.d/ospd_openvas Two items: - ospd-openvas expects to find various binaries in PATH, so this should be = set to include /usr/local/(bin|sbin) explicitly. If there's a better way to do this, feel free to substitute. - Scanning is impossible unless run as root. Alternative suggestion: setuid= on binary. I *think* it is run using sudo on Linux, but haven't been able to f= ully make heads&tails of it Attached patch does both. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-254632-7788>