> I guess it depends on whether the tool needs to read the entire database to perform its queries (in which case using AFS would be basically the same as downloading).
I am including below the reply from Michael, cve-check-tool maintainer, and also including him in this conversation. " Right now we force-update the database every 4 hours as this is roughly how often the NVD DB is centrally updated with new/modified entries. This behaviour can be disabled, and cve-check-update can be run to manually update. We download all of the NVD XML feeds and convert them into a local sqlite3 database for faster usage. What you're proposing sounds more like making cve-check-tool run as a Security As A Service setup, which is feasible. Would they be hosting internal copies of the XML feeds or prefer a central remote DB to be used here?" -----Original Message----- From: Jeremy Stanley [mailto:[email protected]] Sent: Wednesday, August 5, 2015 10:16 AM To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] [Security] Would people see a value in the cve-check-tool? (Reshetova, Elena) On 2015-08-05 09:54:52 -0700 (-0700), Clint Byrum wrote: > Doesn't this feel like a job for AFS? Maintain the db there, and let > the nodes access it as-needed? I guess it depends on whether the tool needs to read the entire database to perform its queries (in which case using AFS would be basically the same as downloading). -- Jeremy Stanley __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
smime.p7s
Description: S/MIME cryptographic signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
