On Sat, May 01, 2021 at 04:01:05AM -0700, Loren Wilton wrote:
>
> Given that plugins are by and large the basis for (some) rules, and rule
> updates happen frequently, some thought should be given to treating at least
> those plugins called from rules as in fact being rules themselves, at least
> as far as packaging and distribution is concerned.

The problem is that distributing Perl code with sa-update is inherently dangerous and should be considered deprecated (which is why I renamed --allowplugins too). Only official SA version releases go through proper scrutiny to release code that can run with root permissions around the world. I don't think having a separate "plugins-release" would make any difference; the same problems remain with vendors' OS packaging etc.

Ideally rules could be written with some pseudo-language that could do complex things, grabbing things into variables, modifying, comparing to other things etc. Then there wouldn't be any need for Perl plugins doing some trivial stuff.