Detections
Analytics
GEN002690 - System audit logs must be group-owned by bin, sys, or system.
Information
Sensitive system and user information could provide a malicious user with enough information to penetrate further into the system.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Change the group ownership of the audit log file(s). Procedure:# chgrp system < audit log file >
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: AUDIT AND ACCOUNTABILITY
References: 800-53|AU-9, CAT|II, CCI|CCI-000162, Rule-ID|SV-38902r1_rule, STIG-ID|GEN002690, Vuln-ID|V-22702
Plugin: Unix
Control ID: b4e54da38b21a9c739e03521a084a3e91746037940d312ecc1eb9f9d4a89c973