octool 0.0.10 → 0.0.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/octool +7 -1
- data/lib/octool/constants.rb +1 -0
- data/lib/octool/ssp.rb +13 -1
- data/lib/octool/version.rb +1 -1
- data/octool.rdoc +8 -1
- data/templates/ssp.erb +70 -4
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7421bbf076967b16d0210f813f936c0a75b572694071ad6674cdbd2368bfc5ff
|
|
4
|
+
data.tar.gz: 849f56075a2a9815fdb225518fb3579c817ed570382f8cd3a3b2f35916d6e9a4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5bb0a131801cc5003fc2102e7efcab828a6f65099b9f0e65e5df4472ff137ba1f52479b7b9f454cfe75f3551d36d6c6cdfe94cccbf9429aeff2a847713afd779
|
|
7
|
+
data.tar.gz: ee327ac99c2a3036c474ffb7d370c99d23af9afc2e3bc36a6d1fd10573f8f0e7f0e872633797ee25819bafe9f3dd73f0871a4d23741f6ce41f2dc14e69c82bc1
|
data/bin/octool
CHANGED
|
@@ -77,12 +77,18 @@ class App
|
|
|
77
77
|
s.arg_name 'path/to/output/dir'
|
|
78
78
|
s.flag [:d, :dir]
|
|
79
79
|
|
|
80
|
+
s.desc 'Set SSP version'
|
|
81
|
+
s.default_value OCTool::DEFAULT_SSP_VERSION
|
|
82
|
+
s.long_desc 'Underscores are replaced by spaces'
|
|
83
|
+
s.arg_name 'VERSION'
|
|
84
|
+
s.flag :version
|
|
85
|
+
|
|
80
86
|
s.action do |global_options, options, args|
|
|
81
87
|
export_dir = options[:dir]
|
|
82
88
|
config_file = find_config(args)
|
|
83
89
|
system = OCTool::Parser.new(config_file).load_system
|
|
84
90
|
Dir.chdir File.dirname(config_file) do
|
|
85
|
-
OCTool::SSP.new(system, export_dir).generate
|
|
91
|
+
OCTool::SSP.new(system, export_dir).generate(options[:version])
|
|
86
92
|
end
|
|
87
93
|
end
|
|
88
94
|
end
|
data/lib/octool/constants.rb
CHANGED
data/lib/octool/ssp.rb
CHANGED
|
@@ -1,13 +1,24 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require 'date'
|
|
3
4
|
require 'erb'
|
|
4
5
|
|
|
5
6
|
module OCTool
|
|
6
7
|
# Build DB, CSV, and markdown.
|
|
7
8
|
class SSP
|
|
9
|
+
attr_reader :build_date
|
|
10
|
+
attr_reader :version
|
|
11
|
+
|
|
8
12
|
def initialize(system, output_dir)
|
|
9
13
|
@system = system
|
|
10
14
|
@output_dir = output_dir
|
|
15
|
+
@version = OCTool::DEFAULT_SSP_VERSION
|
|
16
|
+
@build_date = DateTime.now
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def version=(version)
|
|
20
|
+
# LaTeX fancyheader aborts on underscore in footer.
|
|
21
|
+
@version = version.to_s.gsub(/_+/, ' ')
|
|
11
22
|
end
|
|
12
23
|
|
|
13
24
|
def pandoc
|
|
@@ -22,7 +33,8 @@ module OCTool
|
|
|
22
33
|
exit(1)
|
|
23
34
|
end
|
|
24
35
|
|
|
25
|
-
def generate
|
|
36
|
+
def generate(version = nil)
|
|
37
|
+
self.version = version if version
|
|
26
38
|
unless File.writable?(@output_dir)
|
|
27
39
|
warn "[FAIL] #{@output_dir} is not writable"
|
|
28
40
|
exit(1)
|
data/lib/octool/version.rb
CHANGED
data/octool.rdoc
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
== octool - Open Compliance Tool
|
|
2
2
|
|
|
3
|
-
v0.0.
|
|
3
|
+
v0.0.11
|
|
4
4
|
|
|
5
5
|
=== Global Options
|
|
6
6
|
=== --help
|
|
@@ -48,6 +48,13 @@ where to store outputs
|
|
|
48
48
|
[Default Value] /tmp
|
|
49
49
|
Default output directory respects env vars TMPDIR, TMP, TEMP
|
|
50
50
|
|
|
51
|
+
===== --version VERSION
|
|
52
|
+
|
|
53
|
+
Set SSP version
|
|
54
|
+
|
|
55
|
+
[Default Value] unset
|
|
56
|
+
Underscores are replaced by spaces
|
|
57
|
+
|
|
51
58
|
==== Command: <tt>validate </tt>
|
|
52
59
|
Check sanity of configuration
|
|
53
60
|
|
data/templates/ssp.erb
CHANGED
|
@@ -8,10 +8,17 @@ title: |
|
|
|
8
8
|
title: "<%= @system.config['name'] -%>"
|
|
9
9
|
<% end %>
|
|
10
10
|
|
|
11
|
-
subtitle:
|
|
11
|
+
subtitle: |
|
|
12
|
+
System Security Plan
|
|
13
|
+
|
|
14
|
+
<%=build_date.strftime('%Y-%b-%d')%>
|
|
15
|
+
|
|
16
|
+
<% unless version == OCTool::DEFAULT_SSP_VERSION -%>
|
|
17
|
+
Version <%=version%>
|
|
18
|
+
<% end -%>
|
|
12
19
|
|
|
13
20
|
author:
|
|
14
|
-
<% @system.config['maintainers'].each do |maintainer|
|
|
21
|
+
<% @system.config['maintainers'].each do |maintainer| -%>
|
|
15
22
|
- <%= maintainer -%>
|
|
16
23
|
<% end %>
|
|
17
24
|
|
|
@@ -48,7 +55,7 @@ pagestyle: headings
|
|
|
48
55
|
papersize: letter
|
|
49
56
|
geometry:
|
|
50
57
|
- top=2cm
|
|
51
|
-
- left=
|
|
58
|
+
- left=3cm
|
|
52
59
|
- right=2cm
|
|
53
60
|
- bottom=2cm
|
|
54
61
|
|
|
@@ -94,6 +101,63 @@ header-includes:
|
|
|
94
101
|
\usepackage{float}
|
|
95
102
|
\floatplacement{figure}{H}
|
|
96
103
|
```
|
|
104
|
+
- |
|
|
105
|
+
```{=latex}
|
|
106
|
+
% https://tex.stackexchange.com/a/32537
|
|
107
|
+
\usepackage{lastpage}
|
|
108
|
+
|
|
109
|
+
% https://ctan.org/pkg/fancyhdr?lang=en
|
|
110
|
+
\usepackage{fancyhdr}
|
|
111
|
+
|
|
112
|
+
\pagestyle{fancy}
|
|
113
|
+
<% unless version == OCTool::DEFAULT_SSP_VERSION %>
|
|
114
|
+
\fancyfoot[L]{Version: <%=version-%>}
|
|
115
|
+
<% end %>
|
|
116
|
+
\fancyfoot[C]{<%=build_date.strftime('%Y-%b-%d')-%>}
|
|
117
|
+
\fancyfoot[R]{\thepage\ of\ \pageref{LastPage}}
|
|
118
|
+
\renewcommand{\footrulewidth}{0.4pt} % thickness
|
|
119
|
+
\renewcommand{\headrulewidth}{0.4pt} % thickness
|
|
120
|
+
\fancypagestyle{plain}{\fancyhead{}\renewcommand{\headrule}{}}
|
|
121
|
+
```
|
|
122
|
+
- |
|
|
123
|
+
```{=latex}
|
|
124
|
+
% Which bullet glyphs are avaiable?
|
|
125
|
+
% http://texdoc.net/texmf-dist/doc/latex/comprehensive/symbols-a4.pdf TABLE 50
|
|
126
|
+
%
|
|
127
|
+
% https://learnbyexample.github.io/tutorial/ebook-generation/customizing-pandoc/
|
|
128
|
+
% https://tex.stackexchange.com/questions/174244/change-the-shape-of-the-bullet-list
|
|
129
|
+
% https://texblog.org/2008/10/16/lists-enumerate-itemize-description-and-how-to-change-them/
|
|
130
|
+
% https://tex.stackexchange.com/a/64899
|
|
131
|
+
% https://ctan.org/pkg/enumitem?lang=en
|
|
132
|
+
% https://www.latex4technics.com/?note=2vy0
|
|
133
|
+
%
|
|
134
|
+
%\usepackage{amsfonts}
|
|
135
|
+
%
|
|
136
|
+
% Make bullets small
|
|
137
|
+
%\renewcommand{\labelitemi}{\tiny $\textbullet$}
|
|
138
|
+
%\renewcommand{\labelitemii}{\tiny $\textopenbullet$}
|
|
139
|
+
%\renewcommand{\labelitemiii}{\tiny $\triangleright$}
|
|
140
|
+
%
|
|
141
|
+
% Align bullets to left margin and make small
|
|
142
|
+
% https://tex.stackexchange.com/a/86408
|
|
143
|
+
%\usepackage{enumitem}
|
|
144
|
+
%\usepackage{graphicx}
|
|
145
|
+
%\setlist[itemize,1]{leftmargin=*,label=\scalebox{.8}{$\textbullet$}}
|
|
146
|
+
%\setlist[itemize,2]{leftmargin=*,label=\scalebox{.8}{$\textopenbullet$}}
|
|
147
|
+
%\setlist[itemize,3]{leftmargin=*,label=\scalebox{.8}{\triangleright}}
|
|
148
|
+
%
|
|
149
|
+
% Align bullets to left margin and use normal font
|
|
150
|
+
\usepackage{enumitem}
|
|
151
|
+
\setlist[itemize,1]{leftmargin=*,label=$\textbullet$}
|
|
152
|
+
\setlist[itemize,2]{leftmargin=*,label=$\textopenbullet$}
|
|
153
|
+
\setlist[itemize,3]{leftmargin=*,label=\triangleright}
|
|
154
|
+
%
|
|
155
|
+
% Align bullets to left margin and use slightly smaller font
|
|
156
|
+
%\usepackage{MnSymbol}
|
|
157
|
+
%\setlist[itemize,1]{leftmargin=*,label=$\bullet$}
|
|
158
|
+
%\setlist[itemize,2]{leftmargin=*,label=$\circ$}
|
|
159
|
+
%\setlist[itemize,3]{leftmargin=*,label=\blacktriangleright}
|
|
160
|
+
```
|
|
97
161
|
---
|
|
98
162
|
|
|
99
163
|
# Introduction
|
|
@@ -107,13 +171,15 @@ on an information system and their implementation. An SSP provides:
|
|
|
107
171
|
- Description of components and services
|
|
108
172
|
- System data flows and authorization boundaries
|
|
109
173
|
|
|
174
|
+
The SSP is also a tool to guide the assessment of the effectiveness
|
|
175
|
+
of controls within the system.
|
|
110
176
|
|
|
111
177
|
## Standards
|
|
112
178
|
|
|
113
179
|
This SSP draws from these standards:
|
|
114
180
|
|
|
115
181
|
<% @system.standards.each do |s| -%>
|
|
116
|
-
- <%=
|
|
182
|
+
- <%=s['name']-%> (<%=s['standard_key']-%>)
|
|
117
183
|
<% end %>
|
|
118
184
|
|
|
119
185
|
The full copy of each standard is included in the appendix.
|