SV-90333r2_rule
V-75653
SRG-OS-000256-GPOS-00097
UBTU-16-020180
CAT II
10
Configure the audit tools to be protected from unauthorized access by setting the correct permissive mode using the following command:
# sudo chmod 0755 [audit_tool]
Replace "[audit_tool]" with the audit tool that does not have the correct permissive mode.
Verify the audit tools are protected from unauthorized access, deletion, or modification by checking the permissive mode.
Check the octal permission of each audit tool by running the following command:
#stat -c "%a %n" /sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/audispd /sbin/augenrules
755 /sbin/augenrules
If any of the audit tools has a mode more permissive than "0755", this is a finding.
V-75653
False
UBTU-16-020180
Verify the audit tools are protected from unauthorized access, deletion, or modification by checking the permissive mode.
Check the octal permission of each audit tool by running the following command:
#stat -c "%a %n" /sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/audispd /sbin/augenrules
755 /sbin/augenrules
If any of the audit tools has a mode more permissive than "0755", this is a finding.
M
3075