Documentation for Open Vulnerability and Assessment Language (OVAL®)
Definition Type: Element
Name: fileeffectiverights53_object
Namespace: http://oval.mitre.org/XMLSchema/oval-definitions-5#windows
Type: oval-def:ObjectType
Containing Schema: windows-definitions-schema.xsd
Abstract
Documentation:
The fileeffectiverights53_object element is used by a file effective rights test to define the objects used to evalutate against the specified state. Each object extends the standard ObjectType as definied in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. A fileeffectiverights53_object is defined as a combination of a Windows file and trustee sid. The file represents the file to be evaluated while the trustee sid represents the account (sid) to check effective rights of. If multiple files or sids are matched by either reference, then each possible combination of file and sid is a matching file effective rights object. In addition, a number of behaviors may be provided that help guide the collection of objects. Please refer to the FileEffectiveRights53Behaviors complex type for more information about specific behaviors.
Collapse XSD Schema Diagram:
Drilldown into trustee_sid in schema windows-definitions-schema_xsd Drilldown into filename in schema windows-definitions-schema_xsd Drilldown into path in schema windows-definitions-schema_xsd Drilldown into behaviors in schema windows-definitions-schema_xsd Drilldown into set in schema oval-definitions-schema_xsd Drilldown into notes in schema oval-definitions-schema_xsd Drilldown into Signature in schema xmldsig-core-schema_xsd Drilldown into deprecated in schema oval-definitions-schema_xsd Drilldown into comment in schema oval-definitions-schema_xsd Drilldown into version in schema oval-definitions-schema_xsd Drilldown into id in schema oval-definitions-schema_xsd Drilldown into ObjectType in schema oval-definitions-schema_xsdXSD Diagram of fileeffectiverights53_object in schema windows-definitions-schema_xsd (Open Vulnerability and Assessment Language (OVAL®))
Collapse XSD Schema Code: 
<xsd:element name="fileeffectiverights53_object" substitutionGroup="oval-def:object">
    <xsd:annotation>
        <xsd:documentation>The fileeffectiverights53_object element is used by a file effective rights test to define the objects used to evalutate against the specified state. Each object extends the standard ObjectType as definied in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic.</xsd:documentation>
        <xsd:documentation>A fileeffectiverights53_object is defined as a combination of a Windows file and trustee sid. The file represents the file to be evaluated while the trustee sid represents the account (sid) to check effective rights of. If multiple files or sids are matched by either reference, then each possible combination of file and sid is a matching file effective rights object. In addition, a number of behaviors may be provided that help guide the collection of objects. Please refer to the FileEffectiveRights53Behaviors complex type for more information about specific behaviors.</xsd:documentation>
    </xsd:annotation>
    <xsd:complexType>
        <xsd:complexContent>
            <xsd:extension base="oval-def:ObjectType">
                <xsd:sequence>
                    <xsd:choice>
                        <xsd:element ref="oval-def:set" minOccurs="0" />
                        <xsd:sequence minOccurs="0">
                            <xsd:element name="behaviors" type="win-def:FileEffectiveRights53Behaviors" minOccurs="0" />
                            <xsd:element name="path" type="oval-def:EntityObjectStringType">
                                <xsd:annotation>
                                    <xsd:documentation>Specifies the absolute path to a file on the machine.</xsd:documentation>
                                    <xsd:appinfo>
                                        <sch:pattern id="fer53objpath" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                            <sch:rule context="win-def:fileeffectiverights53_object/win-def:path">
                                                <sch:assert test="not(@datatype) or @datatype='string'">
                                                    <sch:value-of select="../@id" /> - datatype attribute for the path entity of a fileeffectiverights53_object should be 'string'</sch:assert>
                                            </sch:rule>
                                        </sch:pattern>
                                    </xsd:appinfo>
                                </xsd:annotation>
                            </xsd:element>
                            <xsd:element name="filename" type="oval-def:EntityObjectStringType" nillable="true">
                                <xsd:annotation>
                                    <xsd:documentation>The filename element specifies the name of a file to evaluate. If the nillable attribute is set to true, then the object being specified is the higher level directory object. (not all the files in the directory) In this case, the filename element should not be used during collection and would result in the set of collected objects being the directories themselves. For example, one would set nillable to true if the desire was to as test the attributes or permissions associated with a directory. Setting nil equal to true is different than using a .* pattern match, which says to collect every file under a given path..</xsd:documentation>
                                    <xsd:appinfo>
                                        <sch:pattern id="fer53objfilename" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                            <sch:rule context="win-def:fileeffectiverights53_object/win-def:filename">
                                                <sch:assert test="not(@datatype) or @datatype='string'">
                                                    <sch:value-of select="../@id" /> - datatype attribute for the filename entity of a fileeffectiverights53_object should be 'string'</sch:assert>
                                                <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'&gt;') or contains(.,'|'))) else (1=1)">
                                                    <sch:value-of select="../@id" /> - filename entity can not contain the characters / \ : * ? &gt; | </sch:assert>
                                            </sch:rule>
                                        </sch:pattern>
                                    </xsd:appinfo>
                                </xsd:annotation>
                            </xsd:element>
                            <xsd:element name="trustee_sid" type="oval-def:EntityObjectStringType">
                                <xsd:annotation>
                                    <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service).</xsd:documentation>
                                    <xsd:appinfo>
                                        <sch:pattern id="fer53objtrustee_sid" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                            <sch:rule context="win-def:fileeffectiverights53_object/win-def:trustee_sid">
                                                <sch:assert test="not(@datatype) or @datatype='string'">
                                                    <sch:value-of select="../@id" /> - datatype attribute for the trustee_sid entity of a fileeffectiverights53_object should be 'string'</sch:assert>
                                            </sch:rule>
                                        </sch:pattern>
                                    </xsd:appinfo>
                                </xsd:annotation>
                            </xsd:element>
                        </xsd:sequence>
                    </xsd:choice>
                </xsd:sequence>
            </xsd:extension>
        </xsd:complexContent>
    </xsd:complexType>
</xsd:element>
Collapse Child Elements:
Name Type Min Occurs Max Occurs
Signature ds:Signature 0 1
notes oval-def:notes 0 1
set oval-def:set 0 (1)
behaviors win-def:behaviors 0 (1)
path win-def:path (1) (1)
filename win-def:filename (1) (1)
trustee_sid win-def:trustee_sid (1) (1)
Collapse Child Attributes:
Name Type Default Value Use
id oval-def:id Required
version oval-def:version Required
comment oval-def:comment Optional
deprecated oval-def:deprecated false Optional
Collapse Derivation Tree:
Collapse References:
oval-def:object
Documentation for Open Vulnerability and Assessment Language (OVAL®)

Generated using Liquid Studio - Developer Bundle 21.0.0.0