Recently, we found that several scripts that we typically explicitly avoided taking into our feed (LSCs that did their work without looking at package information) slipped through were included with our scripts.
Then, we did a full LSC audit, with credentials, of a system that had a VERY large file system on it. The box became essentially unusable, because the scripts were running "find" operations to locate binaries, the scripts would time out, but the "find" operations would NOT timeout and keep running. They piled up, one on top of another grinding the box down. This was with only a handful scripts that were in this category. I suspect if we had the full suite, the box would probably have either crashed or become completely unresponsive. Not being an SSH expert, not quite sure exactly what the solution would look like, but there ought to be a way to terminate remote commands a script has executed if the script executing it shuts down. Thomas _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
