Making Security Measurable › OVAL › OVAL Developer's Forum

Benchmark Editor Unix/Linux Support

5 messages Options
Embed this post
Permalink
Edward Sealing

Benchmark Editor Unix/Linux Support

Reply Threaded More More options
Print post
Permalink
Some javascript/style in this post has been disabled (why?)

Hi,

 

I’m just getting rev’d up on OVAL and beginning to write some definitions/tests for RHEL and other Linux distros (picking up where others have left off). I downloaded the latest version on the Benchmark Editor only to find that it doesn’t seem to parse the Unix/Linux/etc schema files. When it attempts to load a previous created/accepted definition file, it either doesn’t recognize the tests/objects/states or says they are Windows.

 

When trying to create a new definition file, it only allows the selection of windows/independent schemas. If choosing any others, it doesn’t allow for the selection of a “Root Field”. Am I to assume that the tool doesn’t currently support anything outside of Windows definition development? If so, is there an tool that current developers might recommend, aside from a text editor?

 

Thanks for your help!!

 

Edward Sealing, CISSP, CEH

Security Engineer

Linux Services & Solutions Practice

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Thomas R. Jones

Re: Benchmark Editor Unix/Linux Support

Reply Threaded More More options
Print post
Permalink
Some javascript/style in this post has been disabled (why?)
I have never utilized this resource but I'm pretty sure it's only win32 capable.  I'd check the source code to verify linux inclusions. 

I don't know of any oval IDE for the Linux/unix platforms. However I would suggest the Kate editor, included as the default editor in the kde window manager. It provides snippet capabilities; as well as the ability to create templates for any textual constructs. **think entire oval definition template**

Cheers! Thomas

Sent from my iPhone

On Aug 10, 2009, at 3:31 PM, Edward Sealing <[hidden email]> wrote:

Hi,

 

I’m just getting rev’d up on OVAL and beginning to write some definitions/tests for RHEL and other Linux distros (picking up where others have left off). I downloaded the latest version on the Benchmark Editor only to find that it doesn’t seem to parse the Unix/Linux/etc schema files. When it attempts to load a previous created/accepted definition file, it either doesn’t recognize the tests/objects/states or says they are Windows.

 

When trying to create a new definition file, it only allows the selection of windows/independent schemas. If choosing any others, it doesn’t allow for the selection of a “Root Field”. Am I to assume that the tool doesn’t currently support anything outside of Windows definition development? If so, is there an tool that current developers might recommend, aside from a text editor?

 

Thanks for your help!!

 

Edward Sealing, CISSP, CEH

Security Engineer

Linux Services & Solutions Practice

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Charles Schmidt (MITRE)

Re: Benchmark Editor Unix/Linux Support

Reply Threaded More More options
Print post
Permalink
The Benchmark Editor executable was designed to be platform neutral. That said, I never did much testing running the tool on anything outside of Windows. As such, there could be some filesystem dependency that is messing things up.

If the tool runs (and it sounds like that is what is happening), then it should work. The tool is completely schema neutral, so if you are able to get it to read and parse windows component schema items, it should work for any of the component schemas that the tool has loaded.

Feel free to contact me off list - if you can share the input file you are trying to parse and describe the steps you took, I might be able to figure out what is going wrong.

Charles
The MITRE Corp.

>-----Original Message-----
>From: Thomas R. Jones [mailto:[hidden email]]
>Sent: Monday, August 10, 2009 4:44 PM
>To: oval-developer-list OVAL Developer List/Closed Public Discussion
>Subject: Re: [OVAL-DEVELOPER-LIST] Benchmark Editor Unix/Linux Support
>
>I have never utilized this resource but I'm pretty sure it's only win32
>capable.  I'd check the source code to verify linux inclusions.
>
>I don't know of any oval IDE for the Linux/unix platforms. However I
>would suggest the Kate editor, included as the default editor in the kde
>window manager. It provides snippet capabilities; as well as the ability
>to create templates for any textual constructs. **think entire oval
>definition template**
>
>Cheers! Thomas
>
>Sent from my iPhone
>
>On Aug 10, 2009, at 3:31 PM, Edward Sealing <[hidden email]> wrote:
>
>
>
> Hi,
>
>
>
> I’m just getting rev’d up on OVAL and beginning to write some
>definitions/tests for RHEL and other Linux distros (picking up where
>others have left off). I downloaded the latest version on the Benchmark
>Editor only to find that it doesn’t seem to parse the Unix/Linux/etc
>schema files. When it attempts to load a previous created/accepted
>definition file, it either doesn’t recognize the tests/objects/states or
>says they are Windows.
>
>
>
> When trying to create a new definition file, it only allows the
>selection of windows/independent schemas. If choosing any others, it
>doesn’t allow for the selection of a “Root Field”. Am I to assume that
>the tool doesn’t currently support anything outside of Windows
>definition development? If so, is there an tool that current developers
>might recommend, aside from a text editor?
>
>
>
> Thanks for your help!!
>
>
>
> Edward Sealing, CISSP, CEH
>
> Security Engineer
>
> Linux Services & Solutions Practice
>
> To unsubscribe, send an email message to [hidden email]
>with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have
>difficulties, write to [hidden email].
>
>To unsubscribe, send an email message to [hidden email] with
>SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have
>difficulties, write to [hidden email].
Edward Sealing

Benchmark Editor Unix/Linux Support (BUG: 2837725)

Reply Threaded More More options
Print post
Permalink
I did some more research on this one today (Bug: Tool fails to find root elements for some schemas - ID: 2837725).

As it turns out, Benchmark Editor is simply looking for a metafile association.

Source File: CreateFileDialog.java
        Lines 117 - 121 are where it's associating the metafile data with the selected schema.
        Line: 118 has a TODO that talks about refactoring this requirement out later.


The bottom line is that if it doesn't find a metafile that contains the schema, then it just ignores all content. To get around this, I just added the schemas I needed to OVAL_metafile.xml. It's probably a good idea to add all of the schemas. These are just the ones I'm working with. The new one looks like:

<metafile xmlns="http://org.mitre.benchmarkeditor/metafileschema">
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos" />
  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-common-5" />
<elements>...</elements>

It still defaults to "windows" if it doesn't know the tests/object/states. Since I'm not working with windows, I just removed it from the folder (along with anything else I'm not using... catos, esx, etc).

This seems to work fine for right now.

Edward Sealing
Linux Services & Solutions Practice
Tresys Technology
Columbia, MD 21045
Phone: 410.290.1411  x101
FAX:
[hidden email] |


-----Original Message-----
From: Schmidt, Charles M. [mailto:[hidden email]]
Sent: Tuesday, August 11, 2009 8:58 AM
To: [hidden email]
Subject: Re: [OVAL-DEVELOPER-LIST] Benchmark Editor Unix/Linux Support

The Benchmark Editor executable was designed to be platform neutral. That said, I never did much testing running the tool on anything outside of Windows. As such, there could be some filesystem dependency that is messing things up.

If the tool runs (and it sounds like that is what is happening), then it should work. The tool is completely schema neutral, so if you are able to get it to read and parse windows component schema items, it should work for any of the component schemas that the tool has loaded.

Feel free to contact me off list - if you can share the input file you are trying to parse and describe the steps you took, I might be able to figure out what is going wrong.

Charles
The MITRE Corp.

>-----Original Message-----
>From: Thomas R. Jones [mailto:[hidden email]]
>Sent: Monday, August 10, 2009 4:44 PM
>To: oval-developer-list OVAL Developer List/Closed Public Discussion
>Subject: Re: [OVAL-DEVELOPER-LIST] Benchmark Editor Unix/Linux Support
>
>I have never utilized this resource but I'm pretty sure it's only win32
>capable.  I'd check the source code to verify linux inclusions.
>
>I don't know of any oval IDE for the Linux/unix platforms. However I
>would suggest the Kate editor, included as the default editor in the kde
>window manager. It provides snippet capabilities; as well as the ability
>to create templates for any textual constructs. **think entire oval
>definition template**
>
>Cheers! Thomas
>
>Sent from my iPhone
>
>On Aug 10, 2009, at 3:31 PM, Edward Sealing <[hidden email]> wrote:
>
>
>
> Hi,
>
>
>
> I’m just getting rev’d up on OVAL and beginning to write some
>definitions/tests for RHEL and other Linux distros (picking up where
>others have left off). I downloaded the latest version on the Benchmark
>Editor only to find that it doesn’t seem to parse the Unix/Linux/etc
>schema files. When it attempts to load a previous created/accepted
>definition file, it either doesn’t recognize the tests/objects/states or
>says they are Windows.
>
>
>
> When trying to create a new definition file, it only allows the
>selection of windows/independent schemas. If choosing any others, it
>doesn’t allow for the selection of a “Root Field”. Am I to assume that
>the tool doesn’t currently support anything outside of Windows
>definition development? If so, is there an tool that current developers
>might recommend, aside from a text editor?
>
>
>
> Thanks for your help!!
>
>
>
> Edward Sealing, CISSP, CEH
>
> Security Engineer
>
> Linux Services & Solutions Practice
>
> To unsubscribe, send an email message to [hidden email]
>with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have
>difficulties, write to [hidden email].
>
>To unsubscribe, send an email message to [hidden email] with
>SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have
>difficulties, write to [hidden email].
Charles Schmidt (MITRE)

Re: Benchmark Editor Unix/Linux Support (BUG: 2837725)

Reply Threaded More More options
Print post
Permalink
Hello all,

I have confirmed this fix and version 1.0.1-beta of the Benchmark Editor includes an updated OVAL metafile with all the OVAL component schemas referenced.

Thanks a ton to Edward for tracking this down and finding a solution.

Charles

>-----Original Message-----
>From: Edward Sealing [mailto:[hidden email]]
>Sent: Monday, September 21, 2009 10:46 AM
>To: oval-developer-list OVAL Developer List/Closed Public Discussion
>Subject: [OVAL-DEVELOPER-LIST] Benchmark Editor Unix/Linux Support (BUG:
>2837725)
>
>I did some more research on this one today (Bug: Tool fails to find root
>elements for some schemas - ID: 2837725).
>
>As it turns out, Benchmark Editor is simply looking for a metafile
>association.
>
>Source File: CreateFileDialog.java
> Lines 117 - 121 are where it's associating the metafile data with
>the selected schema.
> Line: 118 has a TODO that talks about refactoring this requirement
>out later.
>
>
>The bottom line is that if it doesn't find a metafile that contains the
>schema, then it just ignores all content. To get around this, I just
>added the schemas I needed to OVAL_metafile.xml. It's probably a good
>idea to add all of the schemas. These are just the ones I'm working
>with. The new one looks like:
>
><metafile xmlns="http://org.mitre.benchmarkeditor/metafileschema">
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#windows" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#independent" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#unix" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#linux" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#aix" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#apache" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>definitions-5#macos" />
>  <schema targeted_namespace="http://oval.mitre.org/XMLSchema/oval-
>common-5" />
><elements>...</elements>
>
>It still defaults to "windows" if it doesn't know the
>tests/object/states. Since I'm not working with windows, I just removed
>it from the folder (along with anything else I'm not using... catos,
>esx, etc).
>
>This seems to work fine for right now.
>
>Edward Sealing
>Linux Services & Solutions Practice
>Tresys Technology
>Columbia, MD 21045
>Phone: 410.290.1411  x101
>FAX:
>[hidden email] |
>
>
>-----Original Message-----
>From: Schmidt, Charles M. [mailto:[hidden email]]
>Sent: Tuesday, August 11, 2009 8:58 AM
>To: [hidden email]
>Subject: Re: [OVAL-DEVELOPER-LIST] Benchmark Editor Unix/Linux Support
>
>The Benchmark Editor executable was designed to be platform neutral.
>That said, I never did much testing running the tool on anything outside
>of Windows. As such, there could be some filesystem dependency that is
>messing things up.
>
>If the tool runs (and it sounds like that is what is happening), then it
>should work. The tool is completely schema neutral, so if you are able
>to get it to read and parse windows component schema items, it should
>work for any of the component schemas that the tool has loaded.
>
>Feel free to contact me off list - if you can share the input file you
>are trying to parse and describe the steps you took, I might be able to
>figure out what is going wrong.
>
>Charles
>The MITRE Corp.
>
>>-----Original Message-----
>>From: Thomas R. Jones [mailto:[hidden email]]
>>Sent: Monday, August 10, 2009 4:44 PM
>>To: oval-developer-list OVAL Developer List/Closed Public Discussion
>>Subject: Re: [OVAL-DEVELOPER-LIST] Benchmark Editor Unix/Linux Support
>>
>>I have never utilized this resource but I'm pretty sure it's only win32
>>capable.  I'd check the source code to verify linux inclusions.
>>
>>I don't know of any oval IDE for the Linux/unix platforms. However I
>>would suggest the Kate editor, included as the default editor in the
>kde
>>window manager. It provides snippet capabilities; as well as the
>ability
>>to create templates for any textual constructs. **think entire oval
>>definition template**
>>
>>Cheers! Thomas
>>
>>Sent from my iPhone
>>
>>On Aug 10, 2009, at 3:31 PM, Edward Sealing <[hidden email]>
>wrote:
>>
>>
>>
>> Hi,
>>
>>
>>
>> I’m just getting rev’d up on OVAL and beginning to write some
>>definitions/tests for RHEL and other Linux distros (picking up where
>>others have left off). I downloaded the latest version on the Benchmark
>>Editor only to find that it doesn’t seem to parse the Unix/Linux/etc
>>schema files. When it attempts to load a previous created/accepted
>>definition file, it either doesn’t recognize the tests/objects/states
>or
>>says they are Windows.
>>
>>
>>
>> When trying to create a new definition file, it only allows the
>>selection of windows/independent schemas. If choosing any others, it
>>doesn’t allow for the selection of a “Root Field”. Am I to assume that
>>the tool doesn’t currently support anything outside of Windows
>>definition development? If so, is there an tool that current developers
>>might recommend, aside from a text editor?
>>
>>
>>
>> Thanks for your help!!
>>
>>
>>
>> Edward Sealing, CISSP, CEH
>>
>> Security Engineer
>>
>> Linux Services & Solutions Practice
>>
>> To unsubscribe, send an email message to [hidden email]
>>with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you
>have
>>difficulties, write to [hidden email].
>>
>>To unsubscribe, send an email message to [hidden email] with
>>SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have
>>difficulties, write to [hidden email].
Free Embeddable Forum Powered by Nabble Help