*** Thomas Reinke wrote: > 1) I notice on the CR ( http://openvas.org/openvas-cr-60.html ) that > it indicates (paraphrased) that scripts are to be committed into > subdirs (beginning with 2013) with exceptions being scripts that > are to be a dependency of others. > > That would lead to the observation that perhaps it is not guaranteed > to be able to use script dependenciese on files that reside in > subdirectories? > > If so, then I have specific questions around the following: > > 2014/gb_dell_sonicwall_email_security_detect.nasl > > As a detection script, it > will possibly have others depending on it (in the future..could not > find any today). Shouldn't detection scripts reside then in the base > directory?
Yes, it's wrong there. Looks like i've committed it by accident into the wrong directory. I'll move it... > The file 2009/conficker.nasl has a dependency on > nmap_nse/gb_nmap_p2p_conficker.nasl, which raises the same question. The directory structure is different between svn and feed. Any NVT from 2008-2012 goes into the base diretory when copied to the feed. > 2) Are script base filenames intended to be unique? I am noting > a number of instances where they are not. > > Nearly identical (same vuln tested), but with different script IDs: > 2012/gb_suse_2012_1637_1.nasl > 2013/gb_suse_2012_1637_1.nasl > (This looks like a simple duplication issue, one should be removed?) Probably. I'll ask secpod about it. > Completely different scripts, CVE, etc, but with same name: > 2012/gb_hp_smh_csrf_vuln.nasl > 2014/gb_hp_smh_csrf_vuln.nasl > > 2009/gb_php_display_errors_xss_vuln.nasl > 2014/gb_php_display_errors_xss_vuln.nasl > > 2010/gb_getsimple_cms_mult_vuln.nasl > 2014/gb_getsimple_cms_mult_vuln.nasl > > Finally, a whole series of scripts have non-unique names in the GSHB > series (e.g. GSHB_M5_147.nasl has 3 different version): > > ~/openvas-nvts/scripts$ find . -name GSHB_M5_147.nasl -print > ./GSHB/EL11/GSHB_M5_147.nasl > ./GSHB/EL10/GSHB_M5_147.nasl > ./GSHB/EL12/GSHB_M5_147.nasl I think that's fine, although i would prefer more unique names. Micha -- Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6 http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
