[openvas-discuss] Future enhancements: plugins in perl??
alan at stillsecure.com
Wed Nov 23 05:50:29 CET 2005
My vote would be python. We have played with a lot of stuff and have found
it to be much more efficient than NASL
From: openvas-discuss-bounces at openvas.org
[mailto:openvas-discuss-bounces at openvas.org] On Behalf Of stripes
Sent: Tuesday, November 22, 2005 10:58 PM
To: OpenVAS Discussion ML
Subject: Re: [openvas-discuss] Future enhancements: plugins in perl??
On Wed, Nov 23, 2005 at 04:14:53AM +0100, Jan-Oliver Wagner wrote:
> I saw that on http://www.openvas.org/doku.php?id=future_enhancements
> it is listed that NASL is to be replaced by perl.
> First I think that replacing NASL by a 'real' programming
> language (hopefully stripped down for security aspects)
> is a good idea but really far ahead.
I agree, something like SecurePerl (stripped down for
security purposes) would be very cool.
> Before you don't have a proven sustainable plugin development
> framework (where some companies earn enough money),
> it does not make sense to switch to something else than NASL.
> (There would be huge reimplementation and QA effords without
> real advance for the security auditors)
Point taken; I'm sure this wouldn't be a small project by one
> Next, I think perl is not the best choice ;-)
> Since it is far in the future anyway, I suggest
> to say that "a suitable programming language" is
> to be taken. Maybe you can find some general criteria for
> this language.
Ok, why not Perl? What would you suggest and why? You could
probably get a religious argument over it, but if you're going
to strip it down for security purposes anyway, what would be the
problem with using Perl?
Hacker Barbie! Complete with laptop, tools (\`--/') _ _______ .-r-.
tools, and cables. Includes a free tiny >.~.\ `` ` `,`,`. ,'_'~`.
stack of usernames and passwords! (v_," ; `,-\ ; : ; \/,-~) \
stripes at tigerlair dot com `--'_..),-/ ' ' '_.>-'
stripes at brickbox dot com ((,((,__..'~~~~~~((,__..'
openvas-discuss mailing list
openvas-discuss at openvas.org
More information about the Openvas-discuss