UCF STIG Viewer Logo

Access to audit configuration files must be restricted.


Overview

Finding ID Version Rule ID IA Controls Severity
V-25380 OSX00680 M6 SV-38570r1_rule ECTP-1 Medium
Description
Audit configuration files are susceptible to unauthorized, and possibly anonymous, tampering if proper permissions are not applied.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft 2013-01-10

Details

Check Text ( C-37764r1_chk )
Open a terminal session and enter the following command to view the permissions on the audit control files.

ls -lL /etc/security

If any audit control file has a permission less restricted than 555, this is a finding.
Fix Text (F-33008r1_fix)
Open a terminal session and enter the following command to set the file permissions.

chmod 555 /etc/security/