An extra repository for exploits got by mailinglist

[lex001 at gmx.de (Dennis Günnewig)]

Hi Rhys Kidd,

> IMHO, I think the current system works quite well. msf-dev's are happy
> to accept contributions or submissions from the user community, and as
> has been seen in the past and my own experience, it usually doesn't
> take a great deal of time for one to be vetted and included in the SVN
> tree if it is of high quality.
ok, i've no experience on this area as i'm a beginner in writing exploits, so at least a bit of a script kiddie today.

> Of course nothing stops you from copy'ing in a public submission first
> had, giving it a cursory check over to make sure it's not doing
> anything odd, etc.

Yes you're right, i've overseen this aspect. Then only one question remains: Do the core developers review every 
module/patch before adding it to the
subversion-tree? i would be pleased if one of them answers this question, so that I can add a reference to it in my 
essay about the use of msf for
pentesting inside a company.


> Anything which might dampen the efforts of these
> contributors should be thought about closely..
you're absolutely right!