<xsd:element name="regkeyauditedpermissions_test" substitutionGroup="oval_results:test">
<xsd:annotation>
<xsd:documentation>This test looks at the audited access rights of a given registry key that a system access control list (SACL) structure grants to a specified trustee. The trustee's audited access rights are determined checking all access control entries (ACEs) in the SACL. For help with this test see the GetAuditedPermissionsFromAcl() api.</xsd:documentation>
<xsd:appinfo>
<test_name>Regkey Audited Permissions Test</test_name>
<extends>standardTestType</extends>
<valid_sections>message, definition_object, definition_data, tested_object</valid_sections>
<example>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval_results:standardTestType">
<xsd:sequence>
<xsd:element name="definition_object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval_results:definitionObjectType">
<xsd:sequence>
<xsd:element name="hive" type="windows:subtestHiveType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the hive of a registry key on the machine from which to retrieve the SACL.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key" type="oval_results:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies a registry key on the machine from which to retrieve the SACL. Note that the hive portion of the string should not be inclueded, as this data should be found under the hive element.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_name" type="oval_results:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>This element specifies the trustee name associated with a particular SACL. A trustee can be a user, group, or program (such as a Windows service)</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="definition_data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval_results:definitionDataType">
<xsd:sequence>
<xsd:element name="trustee_domain" type="oval_results:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The domain of the specified trustee name.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_sid" type="oval_results:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The security identifier (SID) of the specified trustee name.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_delete" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to delete the object.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_read_control" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to read the information in the object's security descriptor, not including the information in the SACL.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_dac" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to modify the DACL in the object's security descriptor.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_owner" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to change the owner in the object's security descriptor.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_synchronize" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Windows NT/2000: The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="access_system_security" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Indicates access to a system access control list (SACL).</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_read" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Read access.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_write" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Write access.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_execute" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_all" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_query_value" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_set_value" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_create_sub_key" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_enumerate_sub_keys" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_notify" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_create_link" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_wow64_64key" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_wow64_32key" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_wow64_res" type="windows:subtestAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Audited Permissions Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="tested_object" minOccurs="0" maxOccurs="unbounded">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval_results:testedObjectType">
<xsd:sequence>
<xsd:element name="hive" type="windows:testedHiveType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the hive of the matching registry key object from which the SACL was retrieved.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Effective Rights Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key" type="oval_results:testedStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the registry key of the matching registry key object from which the SACL was retrieved. Note that the hive portion of the string should not be inclueded, as this data should be found under the hive element.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Effective Rights Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_name" type="oval_results:testedStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the trustee name associated with the matching SACL.</xsd:documentation>
<xsd:appinfo>
<parent_test>Regkey Effective Rights Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
