Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-50867 | OL6-00-000280 | SV-65073r1_rule | Medium |
Description |
---|
Group-ownership of audit binaries and configuration files that is incorrect could allow an unauthorized user to gain privileges that they should not have. The group-ownership set by the vendor should be maintained. Any deviations from this baseline should be investigated. |
STIG | Date |
---|---|
Oracle Linux 6 Security Technical Implementation Guide | 2020-05-15 |
Check Text ( C-53339r1_chk ) |
---|
The following command will list which audit files on the system have group-ownership different from what is expected by the RPM database: # rpm -V audit | grep '^......G' If there is output, this is a finding. |
Fix Text (F-55661r1_fix) |
---|
The RPM package management system can restore file group-ownership of the audit package files and directories. The following command will update audit files with group-ownership different from what is expected by the RPM database: # rpm --setugids audit |