The following is a description of the elements, types, and attributes that compose the Apache-specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high-level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.
Apache Definition
5.3
6/22/2007 11:17:22 AM
schematron validation of the Apache portion of an OVAL Definitions file
The httpd test is used to check the version of an installed httpd binary. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an httpd_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
- the object child element of a httpd_test must reference a httpd_object
- the state child element of a httpd_test must reference a httpd_state
The httpd_object element is used by a httpd test to define the different httpd binaries installed on a system. There is actually only one object relating to this and it is the collection of all httpd binaries. Therefore, there are no child entities defined. Any OVAL Test written to check the httpd version will reference the same httpd_object, which is basically an empty object element. A tool that implements the httpd_test and collects the httpd_object must know how to find all the httpd binaries on the system and verify that they are in fact httpd binaries.
The httpd_state element defines information associated with a specific httpd binary.
The path element specifies the absolute path to a file on the machine.
- datatype attribute for the path entity of a httpd_state should be 'string'
- operation attribute for the path entity of a httpd_state should be 'equals', 'not equal', or 'pattern match'
The filename element specifies the name of the file. If the nillable attribute is set to true, then the object being specified is the higher level path. In this case, the filename element should not be collected or used in analysis. Setting nil equal to true is different from using a .* pattern match, which says to collect every file under a given path.
- datatype attribute for the binary_name entity of a httpd_state should be 'string'
- operation attribute for the binary_name entity of a httpd_state should be 'equals', 'not equal', or 'pattern match'
The version entity is used to check the version of the httpd binary. The datatype for the version entity is 'version' which means the value should be a delimited set of numbers. It is obtained by running 'httpd -v'.
- datatype attribute for the version entity of a httpd_state should be 'version'
- operation attribute for the version entity of a httpd_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', or 'less than or equal'
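The reference and attribute rules listed above for httpd_test and httpd_state can be checked mechanically. The following is an added example, not part of the OVAL schema or its Schematron rules: the wrapper element, ids and values in the fragment are constructed, and the fallback to 'string' and 'equals' for omitted attributes is assumed from the core schema defaults.

```python
import xml.etree.ElementTree as ET

A = "{http://oval.mitre.org/XMLSchema/oval-definitions-5#apache}"  # OVAL Apache namespace
# Constructed fragment: the wrapper element, ids and values are illustrative.
SAMPLE = """<fragment xmlns:a="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache">
  <a:httpd_test id="oval:example:tst:1" version="1" check="at least one" comment="old httpd">
    <a:object object_ref="oval:example:obj:1"/>
    <a:state state_ref="oval:example:ste:1"/>
  </a:httpd_test>
  <a:httpd_object id="oval:example:obj:1" version="1"/>
  <a:httpd_state id="oval:example:ste:1" version="1">
    <a:path datatype="string" operation="equals">/usr/sbin</a:path>
    <a:binary_name datatype="string" operation="pattern match">^httpd$</a:binary_name>
    <a:version datatype="version" operation="less than">2.2.4</a:version>
  </a:httpd_state>
</fragment>"""

STRING_OPS = {"equals", "not equal", "pattern match"}
VERSION_OPS = {"equals", "not equal", "greater than", "greater than or equal",
               "less than", "less than or equal"}
# entity name -> (required datatype, allowed operations), as listed on this page
RULES = {"path": ("string", STRING_OPS), "binary_name": ("string", STRING_OPS),
         "version": ("version", VERSION_OPS)}

def check_httpd_rules(xml_text):
    """Return a list of rule violations for httpd_test / httpd_state elements."""
    root = ET.fromstring(xml_text)
    # Map every id to the local name of the element that declares it.
    kind = {e.get("id"): e.tag[len(A):] for e in root.iter()
            if e.tag.startswith(A) and e.get("id")}
    errors = []
    for test in root.iter(A + "httpd_test"):
        for child, attr, want in (("object", "object_ref", "httpd_object"),
                                  ("state", "state_ref", "httpd_state")):
            for ref in test.findall(A + child):
                if kind.get(ref.get(attr)) != want:
                    errors.append(f"{test.get('id')}: {child} must reference a {want}")
    for state in root.iter(A + "httpd_state"):
        for ent in state:
            datatype, ops = RULES.get(ent.tag[len(A):], (None, ()))
            if datatype is None:
                continue
            # Assumption: omitted attributes fall back to the OVAL defaults 'string' / 'equals'.
            if ent.get("datatype", "string") != datatype:
                errors.append(f"{state.get('id')}: {ent.tag[len(A):]} datatype should be '{datatype}'")
            if ent.get("operation", "equals") not in ops:
                errors.append(f"{state.get('id')}: {ent.tag[len(A):]} operation not allowed")
    return errors

if __name__ == "__main__":
    print(check_httpd_rules(SAMPLE))
```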
This test has been deprecated. It will be removed from the next major version release (6.0) of the OVAL Schema. It has been replaced by the httpd_test.
The version test is used to check the version of Apache installed on a system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
- the object child element of a version_test must reference a version_object
- the state child element of a version_test must reference a version_state
This object has been deprecated. It will be removed from the next major version release (6.0) of the OVAL Schema. It has been replaced by the httpd_object.
The version_object element is used by a version test to define the different version information associated with an Apache installation. There is actually only one object relating to version and this is the Apache installation as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object, which is basically an empty object element.
This state has been deprecated. It will be removed from the next major version release (6.0) of the OVAL Schema. It has been replaced by the httpd_state.
The version_state element defines the version information of an Apache installation. This is obtained by running 'httpd -v'.
The version entity is used to check the version of the Apache installation.
- datatype attribute for the version entity of a version_state should be 'version'
- operation attribute for the version entity of a version_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', or 'less than or equal'
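The version entity of both httpd_state and the deprecated version_state is compared as a delimited set of numbers taken from 'httpd -v', not as a string. The following added example (not code from the OVAL project) shows that evaluation for the six permitted operations; the banner text is constructed, and padding the shorter version with zeros is an assumption about how unequal-length versions are compared.

```python
import re
from itertools import zip_longest

# Constructed sample of `httpd -v` output.
SAMPLE_BANNER = "Server version: Apache/2.2.4 (Unix)\nServer built:   Jan  9 2007 12:00:00\n"

def collected_version(banner):
    """Extract the dotted version string from `httpd -v` output."""
    m = re.search(r"Apache/(\d+(?:\.\d+)*)", banner)
    if m is None:
        raise ValueError("no Apache version in httpd -v output")
    return m.group(1)

def components(value):
    """Split a version on any non-digit delimiter into integers."""
    return [int(p) for p in re.split(r"\D", value) if p]

def compare(a, b):
    """Return -1, 0 or 1, comparing component by component as numbers."""
    # Assumption: a missing trailing component counts as 0.
    for x, y in zip_longest(components(a), components(b), fillvalue=0):
        if x != y:
            return -1 if x < y else 1
    return 0

# The operations permitted for a 'version' entity on this page.
OPERATIONS = {
    "equals": lambda c: c == 0,
    "not equal": lambda c: c != 0,
    "greater than": lambda c: c > 0,
    "greater than or equal": lambda c: c >= 0,
    "less than": lambda c: c < 0,
    "less than or equal": lambda c: c <= 0,
}

def evaluate_version(banner, operation, state_value):
    """True if the collected version satisfies <operation> against the state value."""
    return OPERATIONS[operation](compare(collected_version(banner), state_value))

if __name__ == "__main__":
    # Numeric comparison: 2.2.4 is older than 2.2.10, although "4" > "1" as text.
    print(evaluate_version(SAMPLE_BANNER, "less than", "2.2.10"))
```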