A list for people interested in developing the OVAL language.
I am trying to write an OVAL test that is predicated on the value of the PACKAGER tag for a given RPM package. I did not see this tag in the list of rpminfo tags exposed in the current OVAL schema. I was hoping there was a way to get this information without needing to extend the OVAL language itself (thus creating a fork that users of my content might not have access to).
Is this possible, or is support for pulling in this information only possible through language extension?
Thank you,
Nathan Banek
Forcepoint LLC
Hello,
I don't know the details and rationale for your use case. Nevertheless,
I cannot imagine the reason why I would check the packager tag of an RPM.
Anyone capable of building rpms is able to put any packager tag they
wish. And thus this tag is more informational than something I
could rely on.
What I would advise instead is to check the signature of the rpm. See the
signature_keyid element within rpminfo_state.
By checking the key that has signed given rpm you get much greater
certainty about the origins of the given package than any other way.
Šimon Lukašík
Member of technical staff
Office of the Chief Technologist
Red Hat Public Sector
Banek, Nathan Nathan.Banek@forcepoint.com writes:
> I am trying to write an OVAL test that is predicated on the value of the PACKAGER tag for a given RPM package. I did not see this tag in the list of rpminfo tags exposed in the current OVAL schema. I was hoping there was a way to get this information without needing to extend the OVAL language itself (thus creating a fork that users of my content might not have access to).
> Is this possible, or is support for pulling in this information only possible through language extension?
> Thank you,
> Nathan Banek
> Forcepoint LLC
OVAL_Developer mailing list
OVAL_Developer@lists.cisecurity.org
http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org
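
The signature check suggested in the reply, written out as a minimal OVAL definitions document. This is an added example, not content posted by either participant. The package name `examplepkg`, the `oval:org.example:*` identifiers, the timestamp and the key ID `0123456789abcdef` are constructed placeholders to be replaced with the real package and the 16-hex-digit key ID of the expected signing key.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
    xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
    xmlns:linux="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
  <generator>
    <oval:schema_version>5.11</oval:schema_version>
    <oval:timestamp>2017-01-01T00:00:00</oval:timestamp> <!-- constructed -->
  </generator>
  <definitions>
    <definition id="oval:org.example:def:1" version="1" class="compliance">
      <metadata>
        <title>examplepkg is signed with the expected key</title>
        <description>True only if every installed examplepkg instance
          carries the expected signature key ID.</description>
      </metadata>
      <criteria>
        <criterion test_ref="oval:org.example:tst:1"
                   comment="examplepkg signature key ID matches"/>
      </criteria>
    </definition>
  </definitions>
  <tests>
    <!-- check="all": every installed instance of the package must match
         the state, so a second, differently signed copy fails the test -->
    <linux:rpminfo_test id="oval:org.example:tst:1" version="1"
        check="all" check_existence="at_least_one_exists"
        comment="examplepkg is signed with the expected key">
      <linux:object object_ref="oval:org.example:obj:1"/>
      <linux:state state_ref="oval:org.example:ste:1"/>
    </linux:rpminfo_test>
  </tests>
  <objects>
    <linux:rpminfo_object id="oval:org.example:obj:1" version="1">
      <linux:name>examplepkg</linux:name> <!-- placeholder package name -->
    </linux:rpminfo_object>
  </objects>
  <states>
    <linux:rpminfo_state id="oval:org.example:ste:1" version="1">
      <!-- placeholder key ID; use the expected signer's 16-hex-digit ID -->
      <linux:signature_keyid operation="equals">0123456789abcdef</linux:signature_keyid>
    </linux:rpminfo_state>
  </states>
</oval_definitions>
```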