[SCAP-On-Apple-Dev] Developing OVAL Inventory Tests for Apple Platforms.

Peter Link plink53 at mac.com
Fri Jul 26 14:53:04 PDT 2013


Jasen,
	I submit that there are few items in the OVAL repository because very few people have spent any time writing them. I further submit one of the goals of the SCAP-on-Apple project is to greatly expand the number of definitions. I also would like to state (again) that just because OSX is built around BSD doesn't mean you can immediately use Linux processes to check for anything. I won't even comment on how Windows is tested because there's no similarity between these two OSes. I know OVAL/Mitre people like to use unix of some kind or another and I don't want to alienate them but OSX has its own way of defining and finding things and this should be used instead of trying to shoehorn OSX into an existing method. 

	I have not heard from Shawn on any of this discussion and would really like to hear how Apple would like to proceed. Apple is in the enterprise, there's no hiding that fact, so Apple needs to speak up and give us direction on what the best way to discover OSX settings is. For those of you who haven't looked at where our project is, please check out http://scap-on-apple.macosforge.org.

Thank you for the interest in OSX.


On Jul 26, 2013, at 10:53 AM, "Jacobsen, Jasen W." <jasenj1 at mitre.org> wrote:

> ...
> If you check the similar inventory definitions in the OVAL Repository for OS X you will notice a few things (http://oval.mitre.org/repository/data/SearchDefinitionAdv?class=2&family=2) :
> There are very few items compared to Windows or Linux.
> They all check for the existence of a particular file, whether it be in the package receipt directory (/private/var/db/receipts) or the /Applications directory.
> ...
> - Jasen.


Peter Link
LLNL retired
plink53 at mac.com



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/scap-on-apple-dev/attachments/20130726/aa6843e3/attachment.html>


More information about the SCAP-On-Apple-Dev mailing list