On 15/03/2010 6:59 PM, Justin Mason wrote: > 2010/3/15 John Hardin <jhar...@impsec.org>: >> On Mon, 15 Mar 2010, Karsten Bräckelmann wrote: >> >>> The following 30 rules appear to have NOT assigned a score in the >>> tarball. :( >>> >>> DEAR_BENEFICIARY >>> DEAR_EMAIL >>> FROM_MISSP_DYNIP >>> FROM_MISSP_MSFT >>> HDRS_MISSP >>> IMG_DIRECT_TO_MX >>> LOTTO_AGENT >>> MANY_GOOG_PROXY >>> MANY_SPAN_IN_TEXT >>> MANY_TINY_FLOAT >>> MONEY_FROM_MISSP >>> TO_NO_BRKTS_DYNIP >> >> I'd expect those sandbox rules to have their scores assigned by the nightly >> masscheck evaluation process. Daryl?
Yes, those "sandbox rules" would have had their scores generated and put in 72_scores.cf. My current update script should be generating updates without the T_ rules, too. > as I said -- the rules tarball is being built from the 3.3 branch, > whereas the nightly evaluation process is running off trunk. that's > why they're not matching. > > so the question is: should we build the rules tarball from trunk as > well? If we're publishing rule updates for 3.3 from trunk I don't see why we'd generate a rule tarball from the branch (with sandbox rules, sans scores, anyway). If you install 3.3 using sa-update to get the rules you're getting the trunk version of the rules; the tarball should give you the same sort of thing. > if so, what script should we use to do so? Just grab a recent nightly update, rename it, and use that. The safest one to use would be a weekly one right after the net enabled mass-check results (Saturday night's update around 10:30 PM ET -- Sunday, 2:30 AM UTC). Although, any update should be safe, the differences should be minor. 922507 is the most recent. NEXT PROMISE: Documentation for this stuff. Daryl
