Well, this is embarrassing. :P
________________________________________ From: Marek Haicman <[email protected]> Sent: Thursday, November 16, 2017 1:23 PM To: [email protected] Subject: Re: Why does this test fail? On 11/16/2017 09:11 PM, Geller, Gregory Maximilian wrote: > > First of all, apologies in advance if this is not the correct forum for > this question. I'm new to all things SCAP. I'll try to be as concise as > possible. > > > Here's the command I'm running: > > > oscap oval eval --report $OUTDIR/$OUTFILE > /usr/share/scap_content/vulnerabilities/Red_Hat_Enterprise_Linux_7.xml > > > Here's the result I get for a specific test having to do with > java-1.7.0-openjdk: > > > Ruleoval:com.redhat.rhsa:def:20162658 > > Resultfalse > > Class patch > > Ident [RHSA-2016:2658-03], [CVE-2016-5542], [CVE-2016-5554], > [CVE-2016-5573], [CVE-2016-5582], [CVE-2016-5597] > > Title RHSA-2016:2658: java-1.7.0-openjdk security update (Important) > > > My first question is...why does this test return false if I don't have > java installed at all? > > > My second question is...how can I modify the test to make it return true > if java is not installed on the machine? > > > Thanks! > > Greg > > > > > _______________________________________________ > scap-security-guide mailing list -- [email protected] > To unsubscribe send an email to > [email protected] > Hello Greg, welcome to the wonderful world of SCAP! What you do when running the scan is search for vulnerabilities within your installed packages. Every test is test for vulnerability. Thus result "false" is the one you want - means this particular vulnerability is not present on the system. Hope it explains it a bit! Marek P.S. For configuration compliance tests, it's the other way around - you test for compliant configuration, so "true" is what you want, "false" means you have incompliance. _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
