google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Apache License 2.0

AI PRP: Request Weak Credential tester for Apache Hive #418

Open maoning opened 3 months ago

maoning commented 3 months ago

This requires adding a JDBC connection to the Apache Hive database to test for authentication. The tester should also check for services with no authentication.

Please read the rules of engagement first at https://github.com/google/tsunami-security-scanner-plugins/issues/409.

secureness commented 3 months ago

I'd like to write a tsunami plugin for this request.

secureness commented 3 months ago

@maoning I'm able to run sample JDBC code and set up a Hive instance. Could you assign this to me?

maoning commented 3 months ago

@secureness Please finish the implementation for https://github.com/google/tsunami-security-scanner-plugins/issues/433 first.

W0ngL1 commented 2 months ago

Hi @maoning, I've finished #435, could you assign this issue to me?

maoning commented 1 month ago

@secureness I see that you have a few plugins in the backlog; I will prioritize reviewing those plugins. @vsutedjo will review and merge #433 shortly. To maximize throughput, @W0ngL1 you can start working on this request.

W0ngL1 commented 1 month ago

Thanks @maoning, I'll start to work on this.

secureness commented 1 month ago

@maoning you didn't assign any of the AI PRPs to me that you created initially; I had hoped that I could write at least one AI PRP that you created. One more thing: do rules matter when we can ignore them here? We are doing bug bounty here with rules. With this thing that happened here, I can go to other issues where the contributors have multiple PRPs in their backlogs and start asking you to assign to me the PRP that they asked first to work on. @W0ngL1 could do research like my other PRPs on open-source and commercial AI products to see whether they can have potential security issues or not (like other contributors, as far as I see) instead of asking to work on an issue that someone else requested sooner.