Jonas Andradas jonas at andradas.es
Mon Aug 16 10:34:53 CEST 2010


I would like to propose a feature for OpenVAS. I don't know if this is the
correct list, or if due to the subject of the feature it would be better to
use openvas-plugins. Or maybe none of them, and a separate list should be
used. If so, please tell me where should I address this proposal. If the
functionality is already in OpenVAS, I apologize. I haven't seen it, but I
might have missed it.

I think it would be useful if the scaner could restart automatically upon
updating the plugins. If someone has the scanner running and the
openvas-nvt-sync is run as a cron job, the openvas-scanner should be
restarted to use the new plugins (as far as I know). What I would like to
propose is to have openvas-nvt-sync notify the openvas-scanner daemon using
a signal that there are new plugin updates (ideally, only if it has
downloaded new plugins). Upon receiving this signal, openvas-scanner would
set a "flag" internally to indicate that there are new plugins and it should
be restarted. When all running scans are finished, or no scans are
programmed in the next few minutes (for example), the daemon would restart
itself, in order to incorporate the new plugins.

Conceptually, I think it should not be very hard to implement this feature,
but maybe I'm not seeing all the complexity or implications this might
have.  Do you think it would be useful?  Are there situations where people
would not want this feature enabled?  If so, maybe it could be switched on
or off in openvassd.conf

Best Regards,

Jonás Andradas.
