[
https://bro-tracker.atlassian.net/browse/BIT-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=21971#comment-21971
]
Matthias Vallentin commented on BIT-1411:
-----------------------------------------
{quote}
There needs to be some model of deprecating/obsoleting deficient elements of
the environment.
{quote}
How about adding a {{&deprecate}} attribute to such elements? Then we can
inform users in one release cycle that the labeled functionality will cease to
exist with the next release (or whatever deprecation policy we chose).
> SQL_Injection_Victim is a misleading name
> -----------------------------------------
>
> Key: BIT-1411
> URL: https://bro-tracker.atlassian.net/browse/BIT-1411
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Reporter: Vern Paxson
>
> I suggest changing the name of this notice to {{SQL_Injection_Target}}.
> Having "victim" in the name implies to me that the attack succeeded, which is
> not what the associated logic is about.
> Indeed, I even wonder if this notice is useful. The information should be
> directly available from {{SQL_Injection_Attacker}} notices (though it doesn't
> appear to be currently set up to provide this - why not?).
--
This message was sent by Atlassian JIRA
(v7.0.0-OD-02-259#70102)
_______________________________________________
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
