[pkg] brutespray - review

Subject: [pkg] brutespray - review
From: lukas@schwaighofer.name (Lukas Schwaighofer)
Date: Sat, 22 Jul 2017 20:24:35 +0200
Message-id: <[🔎] 20170722202435.391be276@localhost>
In-reply-to: <[🔎] CAFG-WzAjfXgNRh82E0Vm4HGPB_AXUaB6M5brAp57xL+omi9ozw@mail.gmail.com>
References: <CAFG-WzCcESGpYa5b7WQ1iz5Ed_zHcAVNZkjsjA1X51A=_0rMdg@mail.gmail.com> <[🔎] 20170707192645.655b3f03@localhost> <[🔎] 20170720224502.28b24a93@localhost> <[🔎] CAFG-WzByZahu1Jsy-wGMQMGKSXLFYa3CFs_pHY9x=UjBWQ9h6w@mail.gmail.com> <[🔎] 20170721204633.2fe14175@localhost> <[🔎] CAFG-WzAjfXgNRh82E0Vm4HGPB_AXUaB6M5brAp57xL+omi9ozw@mail.gmail.com>

Hi,

On Sat, 22 Jul 2017 09:03:17 +0200
St?phane Neveu <stefneveu at gmail.com> wrote:

> Thank you, it's updated. Tell me if it looks better now :)

Looks good to me; if you want to make the commands listing more
beautiful, add a colon after the first line if each bullet point, i.e.
(diff style)

-  * `-f` FILE, `--file` FILE  
+  * `-f` FILE, `--file` FILE:
     GNMAP or XML file to parse  

-  * `-s` SERVICE, `--service` SERVICE  
+  * `-s` SERVICE, `--service` SERVICE:
     Specify service to attack  

and so on. From ronn-format(7), DEFINITIONS LIST section:

       The definition list syntax is compatible with markdown?s
       unordered list syntax but requires that the first line of each
       list item be terminated with a colon

But that's really a nit-pick, otherwise everything looks fine to me.

However I read a bit of the python code and brutespray.py does some
things which will lead to unexpected results (e.g. it will basically
perform the equivalent of `rm tmp/*` on each startup, which is
something quite unexpected to do for a program that I start.

Actually, I think that before we can improve on that behavior
(preferably by submitting a pull request upstream patching brutespray
to use a proper temporary directory), I think the program is unsuitable
for Debian.  (I feel a bit personally affected by this as I usually keep
a ~/tmp dir with some stuff that I am temporarily working on, so using
this script could cause some things I'm working on to be lost.)

Maybe ask a DD here for advise? I also CCd Sophie, maybe she has an
advise or opinion as well.

> > PS: I just noticed that we also uploaded curvedns with a priority
> >     standard, that should also be corrected to optional or extra
> > with a subsequent upload.  
> 
> Yes, I also need to update Vcs-* as I told you yesterday.

Good that you noticed and fixed it in git!

Regards
Lukas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20170722/8391ca27/attachment.sig>

Reply to:

Follow-Ups:
- [pkg] brutespray - review
  - From: stefneveu@gmail.com (Stéphane Neveu)

References:
- [pkg] brutespray - review
  - From: lukas@schwaighofer.name (Lukas Schwaighofer)
- [pkg] brutespray - review
  - From: lukas@schwaighofer.name (Lukas Schwaighofer)
- [pkg] brutespray - review
  - From: stefneveu@gmail.com (Stéphane Neveu)
- [pkg] brutespray - review
  - From: lukas@schwaighofer.name (Lukas Schwaighofer)
- [pkg] brutespray - review
  - From: stefneveu@gmail.com (Stéphane Neveu)

Prev by Date: Bug#427775: marked as done (arpwatch: please add comparison with arpalert to package description)
Next by Date: [pkg] brutespray - review
Previous by thread: [pkg] brutespray - review
Next by thread: [pkg] brutespray - review
Index(es):
- Date
- Thread