[Openvas-devel] Dropping support for mixed authenticated and unauthenticated NVTs
Jan-Oliver Wagner
Jan-Oliver.Wagner at greenbone.net
Sat Jun 9 01:03:39 CEST 2012
On Tuesday 05 June 2012 22:19:00 Jan-Oliver Wagner wrote:
> A better approach is to run a separate openvassd in controlled environment
> to work with (partially) unauthenticated NVTs. If needed at all.
> This would also allow to reduce scanner code size / code complexity.
> And would drop hard-to-remind development rules like prefixing KB entries
> with "Secret/" to make them unreadable for unauthenticated NVTs.
I commited the change in r13561 to r13563.
The "Secret" coding is good for something else: have no passwords
written into kb files onto disk. I added this info the the NVT developer
notes.
All the best
Jan
--
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
More information about the Openvas-devel
mailing list