Currently scripts loading is done via "file system" but we can have additional use-cases like reading it from a zip / db / other source.
We have a use-case where we wish to load scripts directly from "in-memory zip" that we get from the network and we rather avoid extracting this zip into the file-system as it might be tampered and used as a zero-day exploit (we run zeek with high previliges and it can be used to run malicious scripts).
a PR for reference:
#5395
note:
during the PR only support zip loading and we might need to support a more dynamic approach like stated in the pr comments.
Currently scripts loading is done via "file system" but we can have additional use-cases like reading it from a zip / db / other source.
We have a use-case where we wish to load scripts directly from "in-memory zip" that we get from the network and we rather avoid extracting this zip into the file-system as it might be tampered and used as a zero-day exploit (we run zeek with high previliges and it can be used to run malicious scripts).
a PR for reference:
#5395
note:
during the PR only support zip loading and we might need to support a more dynamic approach like stated in the pr comments.