Some of the original design can still be recognized in the code:

apt-sec update (DB creation/update)
- Poll current Debian Packages/Sources files
  - deb2pkg; # map deb-name => pkg-name
  - pkg2src; # map pkg-name => src-name
- Poll custom-created Sha1Sums file (created from Debian pkgs mirror)
  - sha1map; # map sha1sum => file-path
- Poll DSAs (email trigger, apt-sec update)
  - src2dsa; # map src-name => dsa_id
  - dsa2cve; # map dsa_id => cve_id
  (- dsatable; # map dsa_id => dsa)
- Poll CVEs for all the parsed DSAs
  - cvetable; # map cve_id => (rel-date, time-to-fix, score1, score2, score3)
- Merge/process src2dsa, dsa2cve, cvetable:
  - src2mtbf; # map src-name => MTBFstats

apt-sec check (Trustworthiness Computation)
- IMA status as input (local, remote)
- resolve IMA hashes to pkg names/aliases
- compute MTBF(pkt)
- compute aggregated MTBF for current system

apt-sec show (show stats of pkg)

apt-sec install/remove
- show change in overall MTBF based on dpkg db

html/
- HTML frontend using index.sh as main CGI script

mirror/
- stores upstream advisories, repo files etc

cache/
- stores internal databases and outputs

cronjob.sh
- called once daily by cron to fetch and process any updates
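
The merge step under apt-sec update (src2dsa, dsa2cve and cvetable into src2mtbf) and the aggregation under apt-sec check can look like this. It is an added example, not apt-sec's own code. Assumptions: MTBF is taken as the mean number of days between advisories for a source package, per-package failure rates are added to get the system value, and all package, DSA and CVE ids are constructed placeholders.

```python
from datetime import date
from statistics import mean

# Constructed sample data shaped like the maps in the outline (placeholder ids).
src2dsa = {"libfoo": ["DSA-A", "DSA-B", "DSA-C"],
           "libbar": ["DSA-D", "DSA-E"],
           "libbaz": ["DSA-F"]}
dsa2cve = {"DSA-A": ["CVE-A1"], "DSA-B": ["CVE-B1", "CVE-B2"],
           "DSA-C": ["CVE-C1"], "DSA-D": ["CVE-D1"],
           "DSA-E": ["CVE-E1", "CVE-UNKNOWN"], "DSA-F": ["CVE-F1"]}
# cve_id => (rel-date, time-to-fix in days, score1, score2, score3)
cvetable = {
    "CVE-A1": (date(2020, 1, 1), 3, 5.0, 5.0, 5.0),
    "CVE-B1": (date(2020, 2, 10), 7, 7.5, 7.5, 7.5),
    "CVE-B2": (date(2020, 1, 31), 2, 4.3, 4.3, 4.3),
    "CVE-C1": (date(2020, 3, 31), 1, 9.8, 9.8, 9.8),
    "CVE-D1": (date(2020, 1, 1), 5, 6.1, 6.1, 6.1),
    "CVE-E1": (date(2020, 3, 31), 4, 5.3, 5.3, 5.3),
    "CVE-F1": (date(2020, 6, 1), 9, 8.1, 8.1, 8.1),
}

def build_src2mtbf(src2dsa, dsa2cve, cvetable):
    """Merge the three maps into src-name => mean days between advisories."""
    src2mtbf = {}
    for src, dsas in src2dsa.items():
        events = set()
        for dsa in dsas:
            # Assumption: one failure event per DSA, dated by its earliest known CVE.
            # CVEs missing from cvetable (not yet polled) are skipped.
            dates = [cvetable[c][0] for c in dsa2cve.get(dsa, []) if c in cvetable]
            if dates:
                events.add(min(dates))
        ordered = sorted(events)
        gaps = [(b - a).days for a, b in zip(ordered, ordered[1:])]
        # A package with fewer than two events has no interval to average.
        src2mtbf[src] = mean(gaps) if gaps else None
    return src2mtbf

def aggregate_mtbf(mtbfs):
    """Assumption: packages fail independently, so failure rates (1/MTBF) add."""
    rates = [1.0 / m for m in mtbfs if m]
    return 1.0 / sum(rates) if rates else None

if __name__ == "__main__":
    per_src = build_src2mtbf(src2dsa, dsa2cve, cvetable)
    print(per_src, aggregate_mtbf(per_src.values()))
```

Packages with a single advisory get no MTBF value here and are left out of the aggregate, which makes a sparsely tracked package look neutral rather than safe; a real deployment has to decide how to score that case.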