[Bug 254632] security/py-ospd-openvas: Set PATH prior to startup, run daemon as root

Sun Mar 28 20:55:51 UTC 2021

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254632

            Bug ID: 254632
           Summary: security/py-ospd-openvas: Set PATH prior to startup,
                    run daemon as root
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: acm at FreeBSD.org
          Reporter: ltning-freebsd at anduin.net
          Assignee: acm at FreeBSD.org
             Flags: maintainer-feedback?(acm at FreeBSD.org)

Created attachment 223675
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=223675&action=edit
Patch for rc.d/ospd_openvas

Two items:
- ospd-openvas expects to find various binaries in PATH, so this should be set
to include /usr/local/(bin|sbin) explicitly. If there's a better way to do
this, feel free to substitute.
- Scanning is impossible unless run as root. Alternative suggestion: setuid on
binary. I *think* it is run using sudo on Linux, but haven't been able to fully
make heads&tails of it

Attached patch does both.

-- 
You are receiving this mail because:
You are the assignee for the bug.