heimdall2
heimdall2 copied to clipboard
mitre
overlay delta icon isn't precise
Per https://github.com/mitre/heimdall2/issues/87 , the intent was to put an icon next to the name of any controls that have been modified by an overlay. However, the icon seems to label all controls of a profile that depends on (aka includes from) other profiles as modified, when in fact sometimes controls are depended upon without modification.
For example, load the triple overlay sample from heimdall.
Control V-61409 has had its title, description, and check text modified:
However, the very next control V-61411 is simply the baseline with no augmentation:
Both are labeled as "modified in an overlay", but that is not true for the second example.
On multiple-layer overlays, doesn't flag things overlaid controls such as the attached example. Look carefully at it in Heimdall's code tab. V-71933 is overlaid by the first layer overlay V-71943 is overlaid by the first layer overlay but then also by the second layer overlay These are correctly flagged with a delta icon
But V-71935 is overlaid only by the second-layer overlay. It is not flagged by with a delta icon.
example-3-layer-overlay_02092022.json.txt
As of 5/4/2022, this isn't quite fixed. See attached example-3-layer-overlay_03062022.json.txt
- V-71933 is overlayed by the "middle" or "first-layer" overlay profile named "example-inspec-overlay-profile-against-rhel7-stig-baseline-profile"
- V-71935 is overlayed by the "top" or "second-layer" overlay profile named "second-layer-example-inspec-overlay-profile-against-1st-layer-example-inspec-overlay-profile"
- V-71943 is overlayed by *both" overlay profiles
The delta icon in heimdall shows up only for the V-71933 and V-71943. It does not for V-71935. Heimdall needs to recognize when/if overlaying is happening at any level of multiple overlays.