[Open-scap] Fwd: OpenSCAP Code Development - some questions about syschar sources

Gabriel Gaspar Becker ggasparb at redhat.com
Fri Oct 30 11:07:34 UTC 2020 

Hi Adam,

I think the best would be to ask this question on "open-scap-list". I'm
forwarding the question there. Also please subscribe to the mailing list
here: https://www.redhat.com/mailman/listinfo/open-scap-list

Regards.

---------- Forwarded message ---------
From: Adam Horeth <Adam.Horeth at keyesinfotech.com>
Date: Thu, Oct 29, 2020 at 7:10 PM
Subject: OpenSCAP Code Development - some questions about syschar sources
To: ascheel at redhat.com <ascheel at redhat.com>, bbaude at redhat.com <
bbaude at redhat.com>, ggasparb at redhat.com <ggasparb at redhat.com>,
julian.klode at canonical.com <julian.klode at canonical.com>, kjankov at redhat.com
<kjankov at redhat.com>
Cc: Rod Castillo <Rod.Castillo at keyesinfotech.com>


Hi, my name is Adam Horeth and I was hoping that I might
ask you some questions about the OpenSCAP codebase.

I've been researching how to use OpenSCAP to test for
vulnerabilities within my company's infrastructure. Most
specifically, we have a database that stores system
characteristics of all our infrastructure and we were
looking into where exactly in the code OpenSCAP pulls
system information from. Our overall goal would be to alter
the code so we get this information from the database and
not from probing the actual system the code is run on.

We've narrowed down our search to the XML schemas and the
libopenscap.so file (is this is the interface between
the openscap-maint-1.3 source and libopenscap8 library?).

I thought i'd reach out to you to see if you might be able to
point me in the right direction or provide some insights.
And I apologize if i'm stepping over any bounds in asking these
questions.

Thanks for your help!


Adam Horeth

*Software Engineer*

Keyes Security | 242 Washington Street

Watertown, NY 13601

(315) 778-2322 | adam.horeth at keyesinfotech.com <jay.booth at keyessecurity.com>

*A Federally Certified Woman Owned Business*

CONFIDENTIALITY STATEMENT. This email and any attachment is for the sole
use of the intended recipient and may contain private, confidential and/or
privileged information that may be subject to Keyes Information Technology,
LLC internal policies. If you are not the intended recipient, any
dissemination, distribution or copying is strictly prohibited. If you have
received this transmission in error, please notify Keyes Information
Technology, LLC immediately by return email and delete the message and all
copies and attachments from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20201030/6db09c3d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-bsd0vn3m.png
Type: image/png
Size: 20577 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20201030/6db09c3d/attachment.png>

More information about the Open-scap-list mailing list