SV-227717r603266_rule
V-227717
SRG-OS-000057
GEN002690
CAT II
10
Change the group ownership of the audit log file(s).
Procedure:
# chgrp root <audit log file>
Determine the location of audit logs and then check the group-ownership.
Procedure:
# more /etc/security/audit_control
# ls -lLd <audit log dir>
If any audit log file is not group-owned by root, bin, or sys, this is a finding.
V-227717
False
GEN002690
Determine the location of audit logs and then check the group-ownership.
Procedure:
# more /etc/security/audit_control
# ls -lLd <audit log dir>
If any audit log file is not group-owned by root, bin, or sys, this is a finding.
M
4061