Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Nessus: devel

extensive rework of clientside user access rules Re: Syntax of user access rules?

  

 
Nessus devel RSS feed   Index | Next | Previous | View Threaded


jan at intevation

Nov 11, 2004, 4:33 AM

Post #1 of 3 (777 views)
Permalink
extensive rework of clientside user access rules Re: Syntax of user access rules?
On Thu, Nov 04, 2004 at 12:58:05PM +0100, Jan-Oliver Wagner wrote:
> So far my idea is to make the GUI for entering rules safe
> against wrong syntax (and explain the oppotunties at the same time).
> But I need the syntax specification for that.

I just checked in a comprehensive rework of the handling
of the clientside user access rules.

What I did is:
1. activate sending server side access rules for nessusd.

2. activate reading server side accress rules for nessus.

3. Extended the GUI to display the serverside user
access rules (readonly of course).

4. Rework the GUI for entering client side user access
rules a bit more user friendly. There is still room
for further syntax and logical checking for even
better preventing invalid entries.

5. Store client side user access rules locally. Before,
they were lost once closing the GUI.


I tested the whole stuff and it works (for me) :-)
Though I identied a (now known) bug: When removing a rule,
you need to restart nessus to have this considered.
Will look into this asap.


There is one thing left I'd like to have but it would
require a extension of the protocol:
Currently the server side server rules are not retrievable
via the protocol. So the user has no full transarency
about all rules yet. To make him aware of the fact
that there might be further rules I added a corresponding
line in the rules GUI.
So at some point a "SERVERRULES" extension of the protocol
would be nice.


I hope you like the rework. Please let me know what
you think.

Best

Jan
--
Jan-Oliver Wagner http://intevation.de/~jan/

Intevation GmbH http://intevation.de/
FreeGIS http://freegis.org/


deraison at nessus

Nov 12, 2004, 2:28 AM

Post #2 of 3 (734 views)
Permalink
Re: extensive rework of clientside user access rules Re: Syntax of user access rules? [In reply to]
On Thu, Nov 11, 2004 at 12:33:21PM +0100, Jan-Oliver Wagner wrote:
> What I did is:
[..]

That sounds really good - I'll test it ASAP.

[...]
> Currently the server side server rules are not retrievable
> via the protocol. So the user has no full transarency
> about all rules yet.

Keeping the rules secrets might also be a good thing. But for the admin
user, it makes sense, I'll add that to my TODO list.


jan at intevation

Nov 12, 2004, 3:09 AM

Post #3 of 3 (720 views)
Permalink
Re: extensive rework of clientside user access rules Re: Syntax of user access rules? [In reply to]
On Fri, Nov 12, 2004 at 10:28:51AM +0100, Renaud Deraison wrote:
> On Thu, Nov 11, 2004 at 12:33:21PM +0100, Jan-Oliver Wagner wrote:
> > What I did is:
> [..]
>
> That sounds really good - I'll test it ASAP.

feedback very welcome :-) !

> [...]
> > Currently the server side server rules are not retrievable
> > via the protocol. So the user has no full transarency
> > about all rules yet.
>
> Keeping the rules secrets might also be a good thing. But for the admin
> user, it makes sense, I'll add that to my TODO list.

maybe even make it serverside configurable whether a normaler user
is allowed to see the overall rules or whether not. I can imagine
scenarions where both, transparency and non-transparency, makes sense.

Jan

--
Jan-Oliver Wagner http://intevation.de/~jan/

Intevation GmbH http://intevation.de/
FreeGIS http://freegis.org/

Nessus devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.