UCF STIG Viewer Logo

System audit tool executables must be owned by root.


Overview

Finding ID Version Rule ID IA Controls Severity
GEN002715-ESXI5-PNF GEN002715-ESXI5-PNF GEN002715-ESXI5-PNF_rule Low
Description
To prevent unauthorized access or manipulation of system audit logs, the tools for manipulating those logs must be protected. Applicable, but permanent not-a-finding - Not a General Purpose (GP) OS. VMware's ESXi-v5 is a multi-user kernel where all users are "administrator" with either: Administrator with Full and partial (configurable) privileges, Read-only, or No Access. In this case, the file owner, group-owner and mode(s) have no meaning. Audit logs/tools are stored on a remote system.
STIG Date
VMware ESXi v5 Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-GEN002715-ESXI5-PNF_chk )
ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding.
Fix Text (F-GEN002715-ESXI5-PNF_fix)
This requirement is permanent not a finding. No fix is required.