Open-AudIT

What's on your network?
It is currently Mon Jan 22, 2018 2:03 pm

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 
Author Message
PostPosted: Fri Oct 22, 2010 12:58 am 
Offline
Helper

Joined: Thu Apr 15, 2010 12:28 am
Posts: 83
Hi

Why does the database not reject entries where system_uuid='' aka it is empty? While the database disallows NULL, it does not catch '' because '' is not NULL.

Source of problems? My first few open mac audit script attempts did not always get an UUID from the system. So when it sends the results to my openaudit server, I do sometimes get strange entries, and I have this offsite mac which the user can not update himself :roll: so I cant get it fixed yet.

This bug might also be hit by others who try to develop their own audit client for openaudit. In the future I need a better linux one, but it is not yet a priority for me. But for mobile phones? I can easily see that one day we need OpenAudit for mobile phones.


Top
 Profile  
Reply with quote  
PostPosted: Fri Oct 22, 2010 3:00 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1226
The original audit.vbs script bends over backwards to get a valid UUID. The server side should probably reject blank UUIDs but it's never really been a problem. I think the onus should be on the audit script. What's the point of doing a massive audit and then sending all the data to the server with one glaring error that the auditor should catch.

Given that it should be pretty easy to test for a blank UUID and die or exit in admin_pc_add_2.php.


Top
 Profile  
Reply with quote  
PostPosted: Tue Oct 26, 2010 11:30 pm 
Offline
Helper

Joined: Thu Apr 15, 2010 12:28 am
Posts: 83
jpa wrote:
The original audit.vbs script bends over backwards to get a valid UUID. The server side should probably reject blank UUIDs but it's never really been a problem. I think the onus should be on the audit script. What's the point of doing a massive audit and then sending all the data to the server with one glaring error that the auditor should catch.

Given that it should be pretty easy to test for a blank UUID and die or exit in admin_pc_add_2.php.

yeah I know, and this is probably going to be my solution.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group