Nmap Development mailing list archives

Re: Feature Request: --update


From: William McVey <wam () cisco com>
Date: Fri, 19 Jan 2007 10:42:29 -0600

On Fri, 2007-01-19 at 16:03 +0000, J.J. Green wrote:
> How about: nmap is able to check multiple directories
> for definitions etc and chooses the most recent as the
> one to use. Then (say) debian ships nmap with
>
>   /etc/nmap
>   /var/lib/nmap
>
> as 2 such directories with the most recent in /etc/nmap
> in the deb package, but configured so that dynamic updates
> are put into /var/lib/nmap
>
> Then no-one steps on anyone's toes.

A case of reinventing the wheel. Nmap *already* checks multiple
directories. It doesn't check for "newness", but you probably don't want
that anyway. Check out nmap_fetchfile() in nmap.cc. It gives overriding
precedence to the --datadir commandline option if it exists, then it
tries the $NMAPDIR environment variable, then ~user/nmap/ then the
compiled-in default system directory, and then the current directory.
Personally, I would have preferred to have had the current directory
listed before the system directory (thereby allowing updates to the
local directory, which is always under the user's control vs system
config files). The precedence rules, though, appear to be a conscious
decision on Fyodor's part to not trust the current directory
unless explicitly requested to. Since it's trivial to request it (via
commandline or env variable) it's really not that big of a deal.

  -- William

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
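
The lookup order described in the message above, as an added example that is not nmap's own nmap_fetchfile() code and not part of the original post: it models the five locations in the stated order and shows how a file in the current directory only wins when the order is changed or the directory is named explicitly. The names `LookupEnv`, `search_order`, `fetch_file` and `sample_exists` are hypothetical, and the sample paths are constructed.

```cpp
#include <functional>
#include <iostream>
#include <set>
#include <string>
#include <vector>

// Hypothetical model of the lookup inputs; an empty string means "not set".
struct LookupEnv {
    std::string datadir;  // value of --datadir
    std::string nmapdir;  // value of $NMAPDIR
    std::string home;     // user's home directory
    std::string sysdir;   // compiled-in system data directory
    std::string cwd;      // current working directory
};
using Exists = std::function<bool(const std::string&)>;

// Directories in the order the message describes. cwd_before_system=true
// gives the alternative ordering the message's author says he would have preferred.
std::vector<std::string> search_order(const LookupEnv& e, bool cwd_before_system = false) {
    std::vector<std::string> dirs;
    if (!e.datadir.empty()) dirs.push_back(e.datadir);
    if (!e.nmapdir.empty()) dirs.push_back(e.nmapdir);
    if (!e.home.empty()) dirs.push_back(e.home + "/nmap");
    if (cwd_before_system) { dirs.push_back(e.cwd); dirs.push_back(e.sysdir); }
    else                   { dirs.push_back(e.sysdir); dirs.push_back(e.cwd); }
    return dirs;
}

// First candidate path that exists, or "" when the file is found nowhere.
std::string fetch_file(const LookupEnv& e, const std::string& name,
                       const Exists& exists, bool cwd_before_system = false) {
    for (const std::string& dir : search_order(e, cwd_before_system)) {
        const std::string path = dir + "/" + name;
        if (exists(path)) return path;
    }
    return "";
}

// Constructed sample filesystem: a packaged copy and a copy in the working directory.
Exists sample_exists() {
    static const std::set<std::string> files = {
        "/usr/share/nmap/nmap-services", "/tmp/work/nmap-services"};
    return [](const std::string& p) { return files.count(p) > 0; };
}

int main() {
    LookupEnv e{"", "", "/home/alice", "/usr/share/nmap", "/tmp/work"};
    std::cout << fetch_file(e, "nmap-services", sample_exists()) << "\n";
    std::cout << fetch_file(e, "nmap-services", sample_exists(), true) << "\n";
    e.nmapdir = "/tmp/work";  // explicit opt-in via $NMAPDIR
    std::cout << fetch_file(e, "nmap-services", sample_exists()) << "\n";
}
```

With the current directory last, a data file left in a shared working directory cannot shadow the packaged copy unless the user points --datadir or $NMAPDIR at it.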

