Consider adding run-as-user concept

[djhaynes]

As an output of the AI/OVAL Developer Days conversation (March 2011), it was
proposed that the OVAL System Characteristics file would benefit from some
construct that allowed the specification of the user that the scan was run as.

Outstanding questions that would need to be answered:

1. Would this simply record the user at a file level, or at a more detailed
   level. (There are cases where an Interpreter would raise privileges during the
   scan, and should that information also get recorded?)
2. Would use of AI be an appropriate implementation? Or something simpler?

Reference: Minutes from the Developer days conversation, available on the OVAL
web site.

http://oval.mitre.org/community/docs/OVAL_Spring_2011_Developer_Days_Minutes.pdf

[djhaynes]

This item has been deferred from the Version 5.10 release.

[djhaynes]

Recommend that this feature be prototyped using the xsd:any space within the
OVAL System Characteristics <system_info/> element. it is unclear that
the concept will apply to all tools. Some tools raise and lower their
privileges based upon needed access at run time. For this capability to be
useful it may need to reflect the privileges used when collecting each object.

[djhaynes]

This has been moved to the OVAL Language Sandbox on GitHub.

OVALProject/Sandbox#95

[solind]

Note, XCCDF captures this information in the cdf12:identity element. Punting to 5.12.

[zport]

Issue moved to OVAL-Community/OVAL #55 via ZenHub