blob: 9fa2c1eefb0182c1c00b18a8eb32a9d484380aba (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
|
<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
xmlns:lin-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"
xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"
xsi:schemaLocation="
http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd
http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd
http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd
http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd
http://standards.iso.org/iso/19770/-2/2009/schema.xsd schema.xsd">
<generator>
<oval:product_name>OVAL Gentoo Linux</oval:product_name>
<oval:product_version>20130917.1</oval:product_version>
<oval:schema_version>5.10</oval:schema_version>
<oval:timestamp>2013-09-17T19:42:00</oval:timestamp>
</generator>
<definitions>
<definition id="oval:org.gentoo.dev.swift:def:1" version="1" class="inventory">
<metadata>
<title>Gentoo Linux is installed</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<description>
This definition tests whether Gentoo Linux is installed.
</description>
</metadata>
<criteria>
<criterion test_ref="oval:org.gentoo.dev.swift:tst:1" comment="The /etc/gentoo-release file exists" />
</criteria>
</definition>
<definition id="oval:org.gentoo.dev.swift:def:2" version="1" class="compliance">
<metadata>
<title>The /home location must be a separate file system</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<reference source="CCE" ref_url="http://nvd.nist.gov/cce/index.cfm" ref_id="CCE-14559-9"/>
<description>
This definition tests whether the /home location is a separate file
system.
</description>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:org.gentoo.dev.swift:tst:2" comment="The /home location is on a separate partition" />
</criteria>
</definition>
<definition id="oval:org.gentoo.dev.swift:def:3" version="1" class="compliance">
<metadata>
<title>The /home file system is mounted with the nosuid option</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<description>
This definition tests whether the /home partition is mounted with the nosuid
mount option.
</description>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:org.gentoo.dev.swift:tst:2" comment="The /home location is on a separate partition" />
<criterion test_ref="oval:org.gentoo.dev.swift:tst:3" comment="The /home partition is mounted with nosuid mount option" />
</criteria>
</definition>
<definition id="oval:org.gentoo.dev.swift:def:4" version="1" class="compliance">
<metadata>
<title>The /home file system is mounted with the nodev option</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<description>
This definition tests whether the /home partition is mounted with the nodev
mount option.
</description>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:org.gentoo.dev.swift:tst:2" comment="The /home location is on a separate partition" />
<criterion test_ref="oval:org.gentoo.dev.swift:tst:4" comment="The /home partition is mounted with nodev mount option" />
</criteria>
</definition>
<definition id="oval:org.gentoo.dev.swift:def:5" version="1" class="compliance">
<metadata>
<title>The /tmp location must be a separate file system</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<reference source="CCE" ref_url="http://nvd.nist.gov/cce/index.cfm" ref_id="CCE-14161-4"/>
<description>
This definition tests whether the /tmp location is a separate file
system.
</description>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:org.gentoo.dev.swift:tst:5" comment="The /tmp location is on a separate partition" />
</criteria>
</definition>
</definitions>
<tests>
<unix-def:file_test id="oval:org.gentoo.dev.swift:tst:1"
version="1" check="all" check_existence="all_exist"
comment="Tests that /etc/gentoo-release exists">
<!-- /etc/gentoo-release file -->
<unix-def:object object_ref="oval:org.gentoo.dev.swift:obj:1" />
</unix-def:file_test>
<lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:2"
version="1" check="all" check_existence="all_exist"
comment="Tests that /home is a separate file system">
<!-- /home partition -->
<lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:2" />
</lin-def:partition_test>
<lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:3"
version="1" check="all" check_existence="all_exist"
comment="Tests that /home is mounted with nosuid option">
<!-- /home partition -->
<lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:2" />
<!-- "nosuid" mount option -->
<lin-def:state state_ref="oval:org.gentoo.dev.swift:ste:1" />
</lin-def:partition_test>
<lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:4"
version="1" check="all" check_existence="all_exist"
comment="Tests that /home is mounted with nodev option">
<!-- /home partition -->
<lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:2" />
<!-- "nodev" mount option -->
<lin-def:state state_ref="oval:org.gentoo.dev.swift:ste:2" />
</lin-def:partition_test>
<lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:5"
version="1" check="all" check_existence="all_exist"
comment="Tests that /tmp is a separate file system">
<!-- /home partition -->
<lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:3" />
</lin-def:partition_test>
</tests>
<objects>
<unix-def:file_object id="oval:org.gentoo.dev.swift:obj:1"
version="1" comment="The /etc/gentoo-release file">
<unix-def:filepath>/etc/gentoo-release</unix-def:filepath>
</unix-def:file_object>
<lin-def:partition_object id="oval:org.gentoo.dev.swift:obj:2"
version="1" comment="The /home partition">
<lin-def:mount_point>/home</lin-def:mount_point>
</lin-def:partition_object>
<lin-def:partition_object id="oval:org.gentoo.dev.swift:obj:3"
version="1" comment="The /tmp partition">
<lin-def:mount_point>/tmp</lin-def:mount_point>
</lin-def:partition_object>
</objects>
<states>
<lin-def:partition_state id="oval:org.gentoo.dev.swift:ste:1"
version="1" comment="The file system is mounted with the nosuid mount option">
<lin-def:mount_options entity_check="at least one">nosuid</lin-def:mount_options>
</lin-def:partition_state>
<lin-def:partition_state id="oval:org.gentoo.dev.swift:ste:2"
version="1" comment="The file system is mounted with the nodev mount option">
<lin-def:mount_options entity_check="at least one">nodev</lin-def:mount_options>
</lin-def:partition_state>
</states>
<!--
<variables>
</variables>
-->
</oval_definitions>
|
GitWeb