No problem, thanks for the push.
On Mon, Sep 10, 2012 at 8:19 PM, Jeffrey Blank <bl...@eclipse.ncsc.mil> wrote:
> I just pushed this for you, sorry for the delay. This almost slipped
> through the cracks, please feel free to ping the list again if it seems
> anything has been forgotten.
>
> That reminds me that Peter mentioned some oval-results validation
> problems that I still need to fix...
>
>
>
>
> On 08/31/2012 02:49 AM, Willem Bos wrote:
>> Hi All,
>>
>> The missing '^' in the regexp makes oscap 0.8.0 (from the RHEL6 repo)
>> scan the whole filesystem. Credits to Gary Gapinsky for the quick fix.
>>
>> Jeffrey suggested replacing the check by a version that would advice
>> disabling the driver in /etc/modules.conf (see the 'oscap hangs on
>> wireless_disable_drivers.xml' thread). I'm not familiar with a robust
>> way to determine the presence of such a NIC without using specialized
>> utilities that might not be installed on the system. I did a `grep
>> net/wireless /lib/modules/$(uname -r)/modules.dep` to see if all
>> wireless drivers maybe shared a common dependency but this is not the
>> case. Also, I queried the device using udevadm for attributes unique
>> to wireless cards but could not see anything obvious :
>>
>> udevadm info --path=/sys/class/net/wlan0 --attribute-walk
>>
>> looking at device
>> '/devices/pci0000:00/0000:00:1c.1/0000:02:00.0/bcma0:0/net/wlan0':
>> KERNEL=="wlan0"
>> SUBSYSTEM=="net"
>> DRIVER==""
>> ATTR{addr_assign_type}=="0"
>> ATTR{addr_len}=="6"
>> ATTR{dev_id}=="0x0"
>> ATTR{ifalias}==""
>> ATTR{iflink}=="2"
>> ATTR{ifindex}=="2"
>> ATTR{type}=="1"
>> ATTR{link_mode}=="1"
>> ATTR{address}=="b8:8d:12:08:14:ea"
>> ATTR{broadcast}=="ff:ff:ff:ff:ff:ff"
>> ATTR{carrier}=="1"
>> ATTR{dormant}=="0"
>> ATTR{operstate}=="up"
>> ATTR{mtu}=="1500"
>> ATTR{flags}=="0x1003"
>> ATTR{tx_queue_len}=="1000"
>> ATTR{netdev_group}=="0"
>>
>> udevadm info --path=/sys/class/net/eth0 --attribute-walk
>>
>> looking at device '/devices/pci0000:00/0000:00:15.0/0000:03:00.0/net/eth0':
>> KERNEL=="eth0"
>> SUBSYSTEM=="net"
>> DRIVER==""
>> ATTR{addr_assign_type}=="0"
>> ATTR{addr_len}=="6"
>> ATTR{dev_id}=="0x0"
>> ATTR{ifalias}==""
>> ATTR{iflink}=="2"
>> ATTR{ifindex}=="2"
>> ATTR{features}=="0x118ba9"
>> ATTR{type}=="1"
>> ATTR{link_mode}=="0"
>> ATTR{address}=="00:50:56:b5:00:12"
>> ATTR{broadcast}=="ff:ff:ff:ff:ff:ff"
>> ATTR{carrier}=="1"
>> ATTR{speed}=="10000"
>> ATTR{duplex}=="full"
>> ATTR{dormant}=="0"
>> ATTR{operstate}=="unknown"
>> ATTR{mtu}=="1500"
>> ATTR{flags}=="0x1003"
>> ATTR{tx_queue_len}=="1000"
>>
>>
>> If anyone can give me a suggestion I'd be happy to spend more time on it.
>>
>> Regards,
>> Willem.
>>
>> ---
>> RHEL6/input/checks/wireless_disable_drivers.xml | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/RHEL6/input/checks/wireless_disable_drivers.xml
>> b/RHEL6/input/checks/wireless_disable_drivers.xml
>> index 9760f7c..129b308 100644
>> --- a/RHEL6/input/checks/wireless_disable_drivers.xml
>> +++ b/RHEL6/input/checks/wireless_disable_drivers.xml
>> @@ -21,7 +21,7 @@
>> </unix:file_test>
>> <unix:file_object comment="all local files"
>> id="object_wireless_disable_drivers" version="1">
>> - <unix:path operation="pattern
>> match">/lib/modules/.*/kernel/drivers/net/wireless</unix:path>
>> + <unix:path operation="pattern
>> match">^/lib/modules/.*/kernel/drivers/net/wireless</unix:path>
>> <unix:filename operation="pattern match">.*</unix:filename>
>> </unix:file_object>
>> </def-group>
>
> --
> ___________________________
> Jeffrey Blank
> 410-854-8675
> Technology and Systems Analysis / Network Components
> NSA Information Assurance
> _______________________________________________
> scap-security-guide mailing list
> scap-security-guide@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
_______________________________________________
scap-security-guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
