heimdall2

Clarify XCCDF Results import scope

Open ejaronne opened this issue 2 years ago • 1 comments

ejaronne avatar Oct 28 '22 15:10 ejaronne

Is there anything we can add to the fingerprinting to know if the XCCDF-Results file came from a supported tool? Is there anything in the header that ids which client produced the file?

aaronlippold avatar Nov 03 '22 03:11 aaronlippold

Users don't RTFM so if our loading could say - I know you tried to give me an XCCDF-Results file but it doesn't seem to be from OpenSCAP or SCC or ACAS etc

aaronlippold avatar Nov 03 '22 03:11 aaronlippold

@aaronlippold maybe? I would feel uncomfortable relying on it due to the low number of samples that we have but please see the following:

image

image

They're in two different locations and seem to be optionally supplied. If we have other/older samples that we can also test with to see if the behavior stays the same over time, maybe it's possible? The SCC one in particular I dunno if it's intentional or just a fluke for how Cole set up his vm / scc run.

Amndeep7 avatar Nov 03 '22 03:11 Amndeep7
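
A sketch of the fingerprinting discussed in this thread, added here as an example and not code from heimdall2: it reads the optional `test-system` attribute that XCCDF defines on `TestResult` and says so when the producer cannot be identified. The product-token mapping and the sample documents are constructed assumptions; the fields in the thread's screenshots may differ.

```python
import xml.etree.ElementTree as ET

# Hypothetical mapping from a CPE product token to a tool name; sample real
# exports from each tool before relying on any of these markers.
KNOWN_PRODUCTS = {"openscap": "OpenSCAP", "scc": "SCC"}

# Constructed sample inputs (not taken from any real scan).
SAMPLE_OPENSCAP = (
    '<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="demo_benchmark">'
    '<TestResult id="demo_result" test-system="cpe:/a:redhat:openscap:1.3.6"/>'
    "</Benchmark>"
)
SAMPLE_NO_ATTR = '<TestResult xmlns="http://checklists.nist.gov/xccdf/1.1" id="demo"/>'


def local_name(tag):
    """Strip the '{namespace}' prefix so XCCDF 1.1 and 1.2 both match."""
    return tag.rsplit("}", 1)[-1]


def fingerprint_xccdf_results(xml_text):
    """Return (tool, detail); tool is None when the producer is unknown."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return None, f"not well-formed XML: {exc}"
    # TestResult may be the document root or nested inside a Benchmark.
    results = [el for el in root.iter() if local_name(el.tag) == "TestResult"]
    if not results:
        return None, "no TestResult element, so not an XCCDF results file"
    test_system = results[0].get("test-system")  # optional in the schema
    if not test_system:
        return None, "TestResult has no test-system attribute"
    # Compare whole CPE components rather than substrings to avoid
    # accidental matches inside vendor or version strings.
    tokens = test_system.lower().split(":")
    for product, tool in KNOWN_PRODUCTS.items():
        if product in tokens:
            return tool, test_system
    return None, f"unrecognized test-system {test_system!r}"


if __name__ == "__main__":
    for doc in (SAMPLE_OPENSCAP, SAMPLE_NO_ATTR, "<foo/>"):
        print(fingerprint_xccdf_results(doc))
```

Because the attribute is optional, a `None` result supports a warning to the user but is not proof that the file came from an unsupported tool.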

Kudos, SonarCloud Quality Gate passed!

A: 0 Bugs
A: 0 Vulnerabilities
A: 0 Security Hotspots
A: 0 Code Smells

No Coverage information
0.0% Duplication

sonarqubecloud[bot] avatar Nov 03 '22 03:11 sonarqubecloud[bot]

@mergifyio refresh

Amndeep7 avatar Nov 03 '22 20:11 Amndeep7

refresh

✅ Pull request refreshed

mergify[bot] avatar Nov 03 '22 20:11 mergify[bot]