[Openvas-devel] Compile warnings

Bernhard Herzog bh at intevation.de
Tue Feb 19 21:20:27 CET 2008


Hi,

On Monday 18 February 2008 22:10, Jan-Oliver Wagner wrote:
> Am Samstag, 16. Februar 2008 17:20:59 schrieb Lmwangi:
> > Started hunting for warnings to fix based on their severity,
> > flawfinder -S -m 5 gives me an TOCTTOU alert for chmod'ing of the
> > sockets: openvas-libraries/libopenvas/bpf_share.c:368
[...]
> I've tried to undestand the problem and potential solutions but failed.
> I guess this needs more investigation or a more clever mind ;-)

The easiest way to deal with the chmod call in libopenvas/bpf_share.c seems to 
be to remove the whole bpf sharing feature.  It's off by default anyway and 
according README.BPF it's highly experimental:

     [...] you can try to run the configure
     script with the option --enable-bpf-sharing. In this case, nessusd will
     try to share one /dev/bpf among multiple processes and do the filtering
     in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO 
     NOT RECOMMAND ENABLING IT.

Does anybody use it with OpenVAS?


  Bernhard

-- 
Bernhard Herzog                              Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998             http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20080219/3f026a10/attachment.pgp


More information about the Openvas-devel mailing list