Hi, 1) FreeBSD - They use a specific format, called VuXML. We don't have support for that now. That would require to implement parsing, evaluating and reporting in VuXML format and also a probe to scan FreeBSD Ports. That wouldn't be a small task.
2) Solaris - I'm afraid that link you provided doesn't contain data for Solaris, but it's for Oracle Linux, which is a RHEL derivative. I don't know if they provide same thing for Solaris. If the Solaris data exist, and they're in OVAL format as well, we would need to implement a probe for Solaris packaging system. We don't have any Solaris probes now. I don't expect we in Red Hat will work on support for FreeBSD or Solaris. But we are willing to help people that want to contribute. Regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "Jordan Caraballo" <[email protected]> > To: [email protected] > Cc: [email protected] > Sent: Wednesday, July 19, 2017 7:39:48 PM > Subject: Re: [Open-scap] OpenSCAP support to Solaris and FreeBSD > > > > Hi Shawn, > > Thanks for your reply! I will start digging into them to see if I can start > developing some patches. > > I apologize if these are naive questions: > > - CIS has some pdf benchmark files for FreeBSD. Is this a good start for > recreating the rules to assess the system? > > > - On the other hand, there are vulnerabilities files available for FreeBSD > https://svn.freebsd.org/ports/head/security/vuxml/vuln.xml and Solaris > http://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2 . What we > would need is openscap and openscap-utils working on both OS's? > > > - Jordan > On 7/19/17 1:25 PM, Shawn Wells wrote: > > > > On 7/19/17 12:41 PM, Jordan Caraballo wrote: > > > > Hi guys, > > Are there any future or ongoing plans to support Solaris and FreeBSD > operating systems? > > Both to run OpenSCAP and to have compliance files from the > SCAP-Security-Guide. > There were 1-2 people from Oracle interested in porting OpenSCAP to > Solaris. Not sure what happened to that interest. Nobody has mentioned > FreeBSD before (that I know about). > > On the SSG side, there's no specific effort. Patches welcome if you'd be > interested in this. > > _______________________________________________ > Open-scap-list mailing list [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list > > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
