blob: b5203539b52b0e64694eabaee999536047894969 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
xmlns:lin-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"
xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"
xsi:schemaLocation="
http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd
http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd
http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd
http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd
http://standards.iso.org/iso/19770/-2/2009/schema.xsd schema.xsd">
<generator>
<oval:product_name>OVAL Gentoo Linux</oval:product_name>
<oval:product_version>20130917.1</oval:product_version>
<oval:schema_version>5.10</oval:schema_version>
<oval:timestamp>2013-09-17T19:42:00</oval:timestamp>
</generator>
<definitions>
<definition id="oval:org.gentoo.dev.swift:def:1" version="1" class="inventory">
<metadata>
<title>Gentoo Linux is installed</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<description>
This definition tests whether Gentoo Linux is installed.
</description>
</metadata>
<criteria>
<criterion test_ref="oval:org.gentoo.dev.swift:tst:1" comment="The /etc/gentoo-release file exists" />
</criteria>
</definition>
<definition id="oval:org.gentoo.dev.swift:def:2" version="1" class="compliance">
<metadata>
<title>The /home location must be a separate file system</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<reference source="CCE" ref_url="http://nvd.nist.gov/cce/index.cfm" ref_id="CCE-14559-9"/>
<description>
This definition tests whether the /home location is a separate file
system.
</description>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:org.gentoo.dev.swift:tst:2" comment="The /home location is on a separate partition" />
</criteria>
</definition>
<definition id="oval:org.gentoo.dev.swift:def:3" version="1" class="compliance">
<metadata>
<title>The /home file system is mounted with the nosuid option</title>
<affected family="unix">
<platform>Gentoo Linux</platform>
</affected>
<description>
This definition tests whether the /home partition is mounted with the nosuid
mount option.
</description>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:org.gentoo.dev.swift:tst:2" comment="The /home location is on a separate partition" />
<criterion test_ref="oval:org.gentoo.dev.swift:tst:3" comment="The /home partition is mounted with nosuid mount option" />
</criteria>
</definition>
</definitions>
<tests>
<unix-def:file_test id="oval:org.gentoo.dev.swift:tst:1"
version="1" check="all" check_existence="all_exist"
comment="Tests that /etc/gentoo-release exists">
<!-- /etc/gentoo-release file -->
<unix-def:object object_ref="oval:org.gentoo.dev.swift:obj:1" />
</unix-def:file_test>
<lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:2"
version="1" check="all" check_existence="all_exist"
comment="Tests that /home is a separate file system">
<!-- /home partition -->
<lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:2" />
</lin-def:partition_test>
<lin-def:partition_test id="oval:org.gentoo.dev.swift:tst:3"
version="1" check="all" check_existence="all_exist"
comment="Tests that /home is mounted with nosuid option">
<!-- /home partition -->
<lin-def:object object_ref="oval:org.gentoo.dev.swift:obj:2" />
<!-- "nosuid" mount option -->
<lin-def:state state_ref="oval:org.gentoo.dev.swift:ste:1" />
</lin-def:partition_test>
</tests>
<objects>
<unix-def:file_object id="oval:org.gentoo.dev.swift:obj:1"
version="1" comment="The /etc/gentoo-release file">
<unix-def:filepath>/etc/gentoo-release</unix-def:filepath>
</unix-def:file_object>
<lin-def:partition_object id="oval:org.gentoo.dev.swift:obj:2"
version="1" comment="The /home partition">
<lin-def:mount_point>/home</lin-def:mount_point>
</lin-def:partition_object>
</objects>
<states>
<lin-def:partition_state id="oval:org.gentoo.dev.swift:ste:1"
version="1" comment="The file system is mounted with the nosuid mount option">
<lin-def:mount_options entity_check="at least one">nosuid</lin-def:mount_options>
</lin-def:partition_state>
</states>
<!--
<variables>
</variables>
-->
</oval_definitions>
|