The following is a description of the elements, types, and attributes that compose the MacOS specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
The MacOS System Characteristics Schema was initially developed by The Center for Internet Security. Many thanks to their contributions to OVAL and the security community.
The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.
This item stores sser account information (username, uid, gid, etc.).
Child Elements Type MinOccurs MaxOccurs username oval-sc:EntityItemStringType 0 1 password oval-sc:EntityItemStringType 0 1 uid oval-sc:EntityItemIntType 0 1 gid oval-sc:EntityItemIntType 0 1 realname oval-sc:EntityItemStringType 0 1 home_dir oval-sc:EntityItemStringType 0 1 login_shell oval-sc:EntityItemStringType 0 1
An inet listening server item stores the results of checking for network servers currently active on a system.
Child Elements Type MinOccurs MaxOccurs program_name oval-sc:EntityItemStringType 0 1 local_address oval-sc:EntityItemStringType 0 1 local_full_address oval-sc:EntityItemStringType 0 1 local_port oval-sc:EntityItemStringType 0 1 foreign_address oval-sc:EntityItemStringType 0 1 foreign_full_address oval-sc:EntityItemStringType 0 1 foreign_port oval-sc:EntityItemStringType 0 1 pid oval-sc:EntityItemIntType 0 1 protocol oval-sc:EntityItemStringType 0 1 user_id oval-sc:EntityItemStringType 0 1
Output of 'nvram -p'
Child Elements Type MinOccurs MaxOccurs nvram_var oval-sc:EntityItemStringType 0 1 nvram_value oval-sc:EntityItemStringType 0 1
The pwpolicy_item holds the password policy information for a particular user specified by the target_user element. Please see the 'pwpolicy' man page for additional information.
Child Elements Type MinOccurs MaxOccurs target_user oval-sc:EntityItemStringType 0 1 username oval-sc:EntityItemStringType 0 1 userpass oval-sc:EntityItemStringType 0 1 directory_node oval-sc:EntityItemStringType 0 1 maxChars oval-sc:EntityItemIntType 0 1 maxFailedLoginAttempts oval-sc:EntityItemIntType 0 1 minChars oval-sc:EntityItemIntType 0 1 passwordCannotBeName oval-sc:EntityItemBoolType 0 1 requiresAlpha oval-sc:EntityItemBoolType 0 1 requiresNumeric oval-sc:EntityItemBoolType 0 1