[Bro-Dev] [JIRA] (BIT-1411) SQL_Injection_Victim is a misleading name

Vern Paxson (JIRA) jira at bro-tracker.atlassian.net
Sun Sep 6 14:03:00 PDT 2015


    [ https://bro-tracker.atlassian.net/browse/BIT-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=21972#comment-21972 ] 

Vern Paxson commented on BIT-1411:
----------------------------------

@Matthias: perhaps.  That works for values/types that can have attributes associated with them, but not for things like language features.  Maybe that's the common enough case that we should go this route.  I'm thinking then the syntax might be something like &deprecate=expr, where evaluates to a string displayed at compile time (though perhaps only if a show-me-deprecation flag is used).  The string could include information (or a link to a discussion) on how to migrate.  

> SQL_Injection_Victim is a misleading name
> -----------------------------------------
>
>                 Key: BIT-1411
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1411
>             Project: Bro Issue Tracker
>          Issue Type: Problem
>          Components: Bro
>            Reporter: Vern Paxson
>
> I suggest changing the name of this notice to {{SQL_Injection_Target}}.  Having "victim" in the name implies to me that the attack succeeded, which is not what the associated logic is about.
> Indeed, I even wonder if this notice is useful.  The information should be directly available from {{SQL_Injection_Attacker}} notices (though it doesn't appear to be currently set up to provide this - why not?).



--
This message was sent by Atlassian JIRA
(v7.0.0-OD-02-259#70102)


More information about the bro-dev mailing list