Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The audit log folder must not have ACLs.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51651 | OSX8-00-00375 | SV-65861r1_rule | Medium |
| Description |
|---|
| The audit log folder should not have ACLs. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53959r1_chk ) |
|---|
| To check for ACLs of the audit log folder run the following command: ls -le `grep "^dir" /etc/security/audit_control | awk -F: '{print $2 "/"}'` | grep -v current The audit log folder listed should not contain ACLs. ACLs will be listed under any file that may contain them (e.g., "0: group:admin allow list,readattr,reaadextattr,readsecurity"). If the folder contains this information, this is a finding. |
| Fix Text (F-56449r1_fix) |
|---|
| If the log folder has an ACL, run the following command: chmod -N [audit log folder] where [audit log folder] is the full path to the log folder in question. |