UCF STIG Viewer Logo

The Photon operating system audit files and directories must have correct permissions.


Overview

Finding ID Version Rule ID IA Controls Severity
V-239120 PHTN-67-000049 SV-239120r675168_rule Medium
Description
Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operations on audit information.
STIG Date
VMware vSphere 6.7 Photon OS Security Technical Implementation Guide 2022-06-17

Details

Check Text ( C-42331r675166_chk )
At the command line, execute the following command:

# stat -c "%n is owned by %U and group owned by %G" /etc/audit/auditd.conf

If auditd.conf is not owned by root and group owned by root, this is a finding.
Fix Text (F-42290r675167_fix)
At the command line, execute the following command:

# chown root:root /etc/audit/auditd.conf