Am Mittwoch, 10. September 2008 02:30:46 schrieb Thomas Reinke: > If both scripts are in the feed, both scripts are automatically run > on any open ssh port. If both can login, then both will retrieve > information, and whichever one is run second will clobber the kb > entries made by the first one. > > Whether or not there are scripts dependent on this new script is > irrelevant. The fact that they are both in the feed at the same > time makes for unpredictable results, unless kb variable names > are changed.
I have now checked the scripts that do access ssh/login/rpms. It turn out that there are only three of them in the feed, and they all access ssh/login/rpms in the same way: cups_CB-A08-0045.nasl, kerberos_CB-A08-0044.nasl and samba_CB-A08-0085.nasl. As far as I can tell from reading the NASL, those scripts will ignore any additional information. I would appreciate it if someone could confirm my observation, but I do think there is little potential for conflict. If this is the case, I think we could safely include the new feature into gather-package-list.nasl. As a precautionary measure, we could limit collection of signatures to RHEL3-5 as I proposed yesterday; since the three scripts mentioned aboved only access ssh/login/rpms if the detect a SuSE or Fedora system, this should eliminate any potential for conflict. I also discovered that there are two other scripts collecting ssh/login/rpms: ssh_get_info.nasl and secpod_ssh_sys_info.nasl. The changes in secpod_ssh_sys_info.nasl might also break the three scripts mentioned above, since they introduced a newline character in the rpm query results. As I said before, I am no NASL expert, but you might want to take a look at that. > Ok...I understand the intent, it's just the execution failed to > accomplish that what was desired. Agreed. I guess I might have been a little too enthusiastic to get OVAL support into the trunk. ;) Let me know what you think. Regards, Michael -- Michael Wiegand OpenPGP key: D7D049EC Intevation GmbH, Osnabrück http://www.intevation.de/ Amtsgericht Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
