* Michael Meyer [12. Jun 2009]: > *** Christian Eric Edjenguele <[email protected]> wrote: > > I dont no if there is always a post on this, but the question is: does > > it make sense implement a server-side routine to handle the report > > functions (security_note(), security_hole(),...) ? in order to exit the > > script if not explicitly specified in the code with exit(0). > > There are NVTs which using 'security_*()' more than once. Such a > routine would make this NVTs not work properly anymore.
Ah, now I understand what Christian Eric meant. :) Yes, mime is correct, a script might use security_* more than once or might want to output a security_note and a debug_message containing background information. Or it might want to execute additional code after it has sent a message. I think recognizing when an exit might be appropriate would mean adding quite an amount of logic to the parser. I'd rather like to see that energy going into improving existing scripts than changing the parser to compensate for bad programming styles. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
pgp1ev7BItzdR.pgp
Description: PGP signature
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
