Hi,

On Monday 18 February 2008 22:10, Jan-Oliver Wagner wrote:
> Am Samstag, 16. Februar 2008 17:20:59 schrieb Lmwangi:
> > Started hunting for warnings to fix based on their severity,
> > flawfinder -S -m 5 gives me an TOCTTOU alert for chmod'ing of the
> > sockets: openvas-libraries/libopenvas/bpf_share.c:368
[...]
> I've tried to undestand the problem and potential solutions but failed.
> I guess this needs more investigation or a more clever mind ;-)

The easiest way to deal with the chmod call in libopenvas/bpf_share.c seems to 
be to remove the whole bpf sharing feature.  It's off by default anyway and 
according README.BPF it's highly experimental:

     [...] you can try to run the configure
     script with the option --enable-bpf-sharing. In this case, nessusd will
     try to share one /dev/bpf among multiple processes and do the filtering
     in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO 
     NOT RECOMMAND ENABLING IT.

Does anybody use it with OpenVAS?


  Bernhard

-- 
Bernhard Herzog                              Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998             http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

Attachment: pgpO6AGAbw2GU.pgp
Description: PGP signature

_______________________________________________
Openvas-devel mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel

Reply via email to