On Thu Aug 19 2004 at 11:53, Marc Haber wrote:
> The rationale behind using the Debian packages of the plugins is that
> there are two more eyes looking over the plugins
And they certify _every_ new plugin?
$ ls *.nasl *.inc | wc -l
4192
$
> thus enhancing the chance of detecting a trojan plugin
The most dangerous plugins for the scanning server are the C plugins
[1] and the NASL "trusted" plugins [2].
C plugins are not updated by nessus-update-plugins, and there are only
7 trusted NASL plugins & includes. I'm not sure this is a good reason
for being "a few weeks behind".
Trusted NASL plugins are signed by Renaud. If you don't trust him, you
should verify every single line of the C source code: a Trojan horse
might be hidden here.
Anyway, trusted NASL plugins are not implemented in 2.0.x.
[1] system("rm -rf /");
[2] pread(cmd: "/bin/rm", argv: ["rm", "-r", "/"]);
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
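As an added example (not part of the post and not Nessus code), a small Python audit helper for the review the reply argues about: it counts the same .nasl/.inc set as the `ls ... | wc -l` above and lists which files call `pread()`, the NASL command-execution primitive used in footnote [2], outside comments. The sample plugin files are constructed in a temporary directory, and single-quoted NASL strings are not handled.

```python
import os
import re
import tempfile

# pread(...) is the NASL primitive footnote [2] uses to run an external command.
PREAD_CALL = re.compile(r"\bpread\s*\(")

def strip_comment(line):
    # Drop a trailing '#' comment, ignoring '#' inside double-quoted strings.
    # Assumption: single-quoted NASL strings are not handled.
    in_str = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_str = not in_str
        elif ch == "#" and not in_str:
            return line[:i]
    return line

def audit_plugins(plugin_dir):
    # Walk the same set 'ls *.nasl *.inc' counts (recursively) and return
    # (file count, {relative path: [line numbers where pread( occurs in code]}).
    count, hits = 0, {}
    for root, _, names in os.walk(plugin_dir):
        for name in sorted(names):
            if not name.endswith((".nasl", ".inc")):
                continue
            count += 1
            path = os.path.join(root, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                lines = [n for n, ln in enumerate(fh, 1) if PREAD_CALL.search(strip_comment(ln))]
            if lines:
                hits[os.path.relpath(path, plugin_dir)] = lines
    return count, hits

def build_sample_dir():
    # Constructed sample plugins written to a fresh temp directory; returns its path.
    samples = {
        "safe_check.nasl": '# no command execution\nif (description) exit(0);\ndisplay("hello");\n',
        "runs_cmd.nasl": '# calls pread like footnote [2], harmlessly\nif (description) exit(0);\n'
                         'pread(cmd: "/bin/ls", argv: ["ls", "/"]);\n',
        "helpers.inc": '# pread(cmd: "x") only in this comment\nfunction msg(s) { display("# kept: ", s); }\n',
    }
    d = tempfile.mkdtemp()
    for name, body in samples.items():
        with open(os.path.join(d, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    return d
```

Running `audit_plugins(build_sample_dir())` returns `(3, {'runs_cmd.nasl': [3]})`; point `audit_plugins` at a real plugin directory to get the list of files worth reading line by line.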