Hi, On Monday 18 February 2008 22:10, Jan-Oliver Wagner wrote: > Am Samstag, 16. Februar 2008 17:20:59 schrieb Lmwangi: > > Started hunting for warnings to fix based on their severity, > > flawfinder -S -m 5 gives me an TOCTTOU alert for chmod'ing of the > > sockets: openvas-libraries/libopenvas/bpf_share.c:368 [...] > I've tried to undestand the problem and potential solutions but failed. > I guess this needs more investigation or a more clever mind ;-)
The easiest way to deal with the chmod call in libopenvas/bpf_share.c seems to
be to remove the whole bpf sharing feature. It's off by default anyway and
according README.BPF it's highly experimental:
[...] you can try to run the configure
script with the option --enable-bpf-sharing. In this case, nessusd will
try to share one /dev/bpf among multiple processes and do the filtering
in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO
NOT RECOMMAND ENABLING IT.
Does anybody use it with OpenVAS?
Bernhard
--
Bernhard Herzog Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
pgpO6AGAbw2GU.pgp
Description: PGP signature
_______________________________________________ Openvas-devel mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
