Securing GSAD

GVM versions

gsa: 9.0
gvm: 9.0
openvas-scanner: 1.0
gvm-libs: 11.0

Environment

Operating system: Debian Buster
Kernel: Debian 4.19.0-8-amd64

Hey!

I installed a GVM setup as no-root user (my user in this case is named gvm), launching every services as gvm user works well. However, I would like to start gsad as root user according to this post:

This leads to security issue so I tried to run chroot or to drop privilege like this:

sudo gsad --drop-privileges=gvm

In this case I still have issue which say that I do not have rights to bind to port 443, as process is running as gvm user.

I also tried to do a chroot like this:

sudo gsad --do-chroot /usr/local/gvm

But this one still useless because process run with root privileges,it has so access to everything… (I think)

My question is here : how can I implement secure gsad use? I don’t understand how to run this with gvm or root privileges.

thanks to who will help me :slight_smile: