[SCAP-On-Apple-Dev] Developing OVAL Inventory Tests for Apple Platforms.

[Jacobsen, Jasen W.]

I completely agree. Unfortunately, the recent pkginfo discussion has revealed that OVAL does not have suitable language features to perform an accurate software inventory on OS X. So not only are people not writing OVAL definitions, there is no way to write good definitions. We, the OVAL community, could really use Apple's help to get a good inventory test into the language. I believe we (the OVAL folks) would like to get something into the next version of OVAL which is planned to be released later this year, that's why I'm pushing a bit.

- Jasen.

From: Peter Link <plink53 at mac.com<mailto:plink53 at mac.com>>
Date: Friday, July 26, 2013 5:53 PM
To: MITRE Employee <jasenj1 at mitre.org<mailto:jasenj1 at mitre.org>>
Cc: "scap-on-apple-dev at lists.macosforge.org<mailto:scap-on-apple-dev at lists.macosforge.org>" <scap-on-apple-dev at lists.macosforge.org<mailto:scap-on-apple-dev at lists.macosforge.org>>, oval-developer-list OVAL Developer List/Closed Public Discussion <oval-developer-list at lists.mitre.org<mailto:oval-developer-list at lists.mitre.org>>
Subject: Re: [SCAP-On-Apple-Dev] Developing OVAL Inventory Tests for Apple Platforms.

Jasen,
I submit that there are few items in the OVAL repository because very few people have spent any time writing them. I further submit one of the goals of the SCAP-on-Apple project is to greatly expand the number of definitions. I also would like to state (again) that just because OSX is built around BSD doesn't mean you can immediately use Linux processes to check for anything. I won't even comment on how Windows is tested because there's no similarity between these two OSes. I know OVAL/Mitre people like to use unix of some kind or another and I don't want to alienate them but OSX has its own way of defining and finding things and this should be used instead of trying to shoehorn OSX into an existing method.

I have not heard from Shawn on any of this discussion and would really like to hear how Apple would like to proceed. Apple is in the enterprise, there's no hiding that fact, so Apple needs to speak up and give us direction on what the best way to discover OSX settings is. For those of you who haven't looked at where our project is, please check out http://scap-on-apple.macosforge.org<http://scap-on-apple.macosforge.org/>.

Thank you for the interest in OSX.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/scap-on-apple-dev/attachments/20130729/23df9ec2/attachment.html>