Sudo works nicely, as someone stated above... alternatively.



This is only a slightly better idea than putting your root password in a script, but. If you are bound and determined.

I am not a big user of nessus, so I do not know if the owner or group of nessus is already important to it, so, this may screw up something, but not so that you cannot recover from it by reversing the steps you take. Make sure you record detailed information about the nessus command/file before you modify anything, like owner, group, exact permisions, etc...

ls -l nessus > nessus-permisions-before-change

will do that for ya....

Now,

Look up SUID.

make sure that root is the owner of the nessus command, add yourself to a group that has ownership on the nessus command. Make sure that nobody but the owner and the group can execute the command. Then set the SUID bit on the file. You probably want to look that up so that you can see what it is all about, but, here is quick and dirty commands.

cd /wherever/nessus/lives
ls -l nessus (to find out who owner and group are)
chown root nessus (if the owner is not allready nessus)
chgrp somegroup nessus (change group ownership to somegroup, you must be member of somegroup)
chmod 550 nessus (make sure that only owner and group can execute nessus)
chmod o+S nessus (this sets the file nessus to SUID, which means execute with the permisions of the owner of the file, for executables anyway)

Perhaps not the most secure thing, I do not know if there are any vulnerabilities in nessus, which could be exploited which it is running as root this way, but if you are bound and determined to not have to enter your root password everytime, this way should work.