From f0bff190867f6d581ad840726940784f539bca99 Mon Sep 17 00:00:00 2001 From: Jan Lieskovsky <[email protected]> Date: Tue, 17 Sep 2013 16:28:36 +0200 Subject: [PATCH 3/8] Add F-19 basic guide XML (and corresponding XSLT) files.
Signed-off-by: Jan Lieskovsky <[email protected]> --- FEDORA/input/guide.xml | 40 ++++++++++++++++++++++++++++++++++++++++ FEDORA/input/guide.xslt | 43 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100644 FEDORA/input/guide.xml create mode 100644 FEDORA/input/guide.xslt diff --git a/FEDORA/input/guide.xml b/FEDORA/input/guide.xml new file mode 100644 index 0000000..c76b795 --- /dev/null +++ b/FEDORA/input/guide.xml @@ -0,0 +1,40 @@ +<?xml version="1.0"?> +<Benchmark xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xhtml="http://www.w3.org/1999/xhtml"; xmlns:dc="http://purl.org/dc/elements/1.1/"; id="FEDORA-19" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 xccdf-1.1.4.xsd" resolved="false" xml:lang="en-US" > + +<status date="2011-12-20">draft</status> +<title>Guide to the Secure Configuration of Fedora release 19 (Schrödinger's Cat)</title> +<description>This guide presents a catalog of security-relevant +configuration settings for Fedora release 19 (Schrödinger's Cat) formatted in the +eXtensible Configuration Checklist Description Format (XCCDF). +<br/> +<br/> +Providing system administrators with such guidance informs them how to securely +configure systems under their control in a variety of network roles. Policy +makers and baseline creators can use this catalog of settings, with its +associated references to higher-level security control catalogs, in order to +assist them in security baseline creation. This guide is a <i>catalog, not a +checklist,</i> and satisfaction of every item is not likely to be possible or +sensible in many operational scenarios. However, the XCCDF format enables +granular selection and adjustment of settings, and their association with OVAL +and OCIL content provides an automated checking capability. Transformations of +this document, and its associated automated checking content, are capable of +providing baselines that meet a diverse set of policy objectives. Some example +XCCDF <i>Profiles</i>, which are selections of items that form checklists and +can be used as baselines, are available with this guide. They can be +processed, in an automated fashion, with tools that support the Security +Content Automation Protocol (SCAP). +</description> +<notice id="terms_of_use">Do not attempt to implement any of the settings in +this guide without first testing them in a non-operational environment. The +creators of this guidance assume no responsibility whatsoever for its use by +other parties, and makes no guarantees, expressed or implied, about its +quality, reliability, or any other characteristic.</notice> + +<front-matter>The SCAP Security Guide Project<br/>https://fedorahosted.org/scap-security-guide</front-matter> +<rear-matter>Red Hat and Fedora are either registered +trademarks or trademarks of Red Hat, Inc. in the United States and other +countries. All other names are registered trademarks or trademarks of their +respective companies.</rear-matter> +<platform idref="cpe:/o:fedoraproject:fedora:19" /> +<version>0.0.1</version> +</Benchmark> diff --git a/FEDORA/input/guide.xslt b/FEDORA/input/guide.xslt new file mode 100644 index 0000000..a24bdd9 --- /dev/null +++ b/FEDORA/input/guide.xslt @@ -0,0 +1,43 @@ +<?xml version="1.0"?> +<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"; xmlns:xccdf="http://checklists.nist.gov/xccdf/1.1"; xmlns:xhtml="http://www.w3.org/1999/xhtml"; xmlns:dc="http://purl.org/dc/elements/1.1/";> + +<!-- This transform assembles all fragments into one "shorthand" XCCDF document --> + + <xsl:template match="Benchmark"> + <xsl:copy> + <xsl:copy-of select="@*|node()" /> + + <!-- adding profiles here --> + <xsl:apply-templates select="document('profiles/common.xml')" /> + + <Value id="conditional_clause" type="string" operator="equals"> + <title>A conditional clause for check statements.</title> + <description>A conditional clause for check statements.</description> + <value>This is a placeholder.</value> + </Value> + <xsl:apply-templates select="document('intro/intro.xml')" /> + <xsl:apply-templates select="document('system/system.xml')" /> + </xsl:copy> + </xsl:template> + + <xsl:template match="Group[@id='system']"> + <xsl:copy> + <xsl:copy-of select="@*|node()" /> + <xsl:apply-templates select="document('system/software/software.xml')" /> + </xsl:copy> + </xsl:template> + + <xsl:template match="Group[@id='software']"> + <xsl:copy> + <xsl:copy-of select="@*|node()" /> + <xsl:apply-templates select="document('system/software/updating.xml')" /> + </xsl:copy> + </xsl:template> + + <!-- copy everything else through to final output --> + <xsl:template match="@*|node()"> + <xsl:copy> + <xsl:apply-templates select="@*|node()" /> + </xsl:copy> + </xsl:template> +</xsl:stylesheet> -- 1.7.11.7
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
