Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-79163

Openscap should intelligently skip scanning directories with an excessive number of files.

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Story Story
    • Resolution: Won't Do
    • Icon: Undefined Undefined
    • None
    • None
    • openscap
    • None
    • Moderate
    • rhel-security-compliance
    • ssg_security
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      Goal

      • To avoid running into OOM issue, Openscap should intelligently skip scanning directories with an excessive number of files.
        • When using the exclusion path method for scanning, potential threats may still be hidden within these paths. Therefore, Openscap should not exclude paths during scanning. Instead, the system should intelligently report if an excessive number of files are being scanned in a particular path and issue a warning to remind users to skip that path. Similarly, if the files to be scanned originate from an NFS file system, the system should notify users that they are scanning on an NFS file system and recommend scanning only local files.

      Acceptance criteria

      Openscap could skip scanning directories with an excessive number of files.

      • When scanning a local directory with more than N files, the Openscap should throw out warnings and abort.
      • When scanning a path of NFS share, the Openscap should throw out warnings and abort.

              jcerny@redhat.com Jan Cerny
              rhn-support-qguo Qi Guo
              Jan Cerny Jan Cerny
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: