Hello OpenVAS Developers,
after long time I finally had some time to look into the
feature of (not)"authenticated" NVTs.
(the term "authenticated" is equivalent to "valid signed")
In the old days the authors tried to mix authenticated
NVTs with unauthenticated NVTs (e.g. uploaded somehow).
This lead to quite some code that disallows various system
functions, some access to KB items, downgrades a authenticated
NVT to unauthenticated if including a unauthenticated file, and so on.
OpenVAS in fact uses only two states: Whole NVT set is authenticated
or all is unauthenticated. If in the first case a unauthenticated
NVT is present in the feed directory it will not be loaded/considered
for execution. The latter case is enabled with the "nasl_no_signature_checks"
option of openvassd and then the scanner will not distinguish between
authenticated and unauthenticated.
(BTW: The upload function has been removed long time ago for security reason)
To me the approach to mix both is the wrong approach as it leads to
possible security problems due to complexity. There is too much to
consider for it. Very likely that mistakes will happen, especially when
adding or chaning features.
A better approach is to run a separate openvassd in controlled environment
to work with (partially) unauthenticated NVTs. If needed at all.
This would also allow to reduce scanner code size / code complexity.
And would drop hard-to-remind development rules like prefixing KB entries
with "Secret/" to make them unreadable for unauthenticated NVTs.
Any opinions?
Best
Jan
--
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-devel
