On Thu Aug 19 2004 at 14:44, Marc Haber wrote:

> The issue is not only "dangerous for the scanning server", but also
> dangerous for the scanned systems. Imagine a trojaned plugin not only
> detecting a remote exploit, but also actively exploiting it to install
> a backdoor.

Of course, anything is possible, but IMHO the probability of this happening is quite low.
On the other hand, a simple plugin can crash a fragile service; although we try to lower this risk, this has already happened and this will happen again in the future, unfortunately. I don't think that more auditing will change anything.

> the scanned systems to execute the local plugins that might have access
> to a Windows administrator account or to an ssh key that is allowed to
> execute arbitrary commands on a target system.

SSH keys are stored in a protected section of the KB that can only be read by _trusted_ plugins.
Concerning the Windows administrative rights, the issue is more tricky because we'd have to "certify" many (125) plugins. We're thinking of it...

> I do not intend to express any distrust for Renaud

Said in another way, if cvs.nessus.org is hacked, it will be simpler to put a Trojan horse into a C file than a NASL script.

> explain why there might be situations where it is desired to have the
> Debian maintainer as another pair of eyes looking at the code.

There are already many eyes here, on this list or nessus-devel, which are much more efficient than eyes from distro maintainers. Are you sure you need one more pair and lose a couple of weeks?

_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
