<xsd:element name="permission_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the redhat-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the permission_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test checks the permission bits on a file, returning 1 or 0 based on the content of the named permission bit. The permission bits of a file are part of the octal "mode" of the file, a number that can be gathered via the stat command, stat() system call, or ls command. Each octal digit of the mode is a 3-bit number (0-7). In the first digit's bits are the Set-UID, Set-GID and Sticky bits. The remaining three digits are the user, group and other digits, corresponding to the user owner of the file, the group owner of the file, and then every other user on the system. Within these digits, the first bit is the read bit, the second bit is the write bit, and the third bit is the execute bit.</xsd:documentation>
<xsd:appinfo>
<test_name>Permission Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="redhat:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="gexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file execute it or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gwrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file write to this file or directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="oexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users execute this file or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="oread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can all other users read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="owrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users write to this file or directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sgid" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the gid (thus privileges) of the file's group owner, rather than the calling user's group?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sticky" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can users delete each other's files in this directory, when said directory is writable by those users?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="suid" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the uid (thus privileges) of the file's owner, rather than the calling user?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file execute it or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uwrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
