[openvas-discuss] Future enhancements: plugins in perl??

stripes stripes at tigerlair.com
Wed Nov 23 04:57:48 CET 2005

On Wed, Nov 23, 2005 at 04:14:53AM +0100, Jan-Oliver Wagner wrote:
> I saw that on http://www.openvas.org/doku.php?id=future_enhancements
> it is listed that NASL is to be replaced by perl.


> First I think that replacing NASL by a 'real' programming
> language (hopefully stripped down for security aspects)
> is a good idea but really far ahead.

I agree, something like SecurePerl (stripped down for 
security purposes) would be very cool. 

> Before you don't have a proven sustainable plugin development
> framework (where some companies earn enough money),
> it does not make sense to switch to something else than NASL.
> (There would be huge reimplementation and QA effords without
> real advance for the security auditors)

Point taken; I'm sure this wouldn't be a small project by one

> Next, I think perl is not the best choice ;-)
> Since it is far in the future anyway, I suggest
> to say that "a suitable programming language" is
> to be taken. Maybe you can find some general criteria for
> this language.

Ok, why not Perl? What would you suggest and why? You could 
probably get a religious argument over it, but if you're going 
to strip it down for security purposes anyway, what would be the
problem with using Perl?

Hacker Barbie!  Complete with laptop, tools  (\`--/') _ _______ .-r-.  
tools, and cables. Includes a free tiny       >.~.\ `` ` `,`,`. ,'_'~`.        
stack of usernames and passwords!            (v_," ; `,-\ ; : ; \/,-~) \        
stripes at tigerlair dot com                  `--'_..),-/ ' ' '_.>-' )`.`.__.')
stripes at brickbox dot com                  ((,((,__..'~~~~~~((,__..'  `-..-'fL

More information about the Openvas-discuss mailing list