Detections
Analytics
GEN002690 - System audit logs must be group-owned by bin, sys, or system.
Information
Sensitive system and user information could provide a malicious user with enough information to penetrate further into the system.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Change the group ownership of the audit log file(s). Procedure:# chgrp system < audit log file >
See Also
https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip
Item Details
Audit Name: DISA STIG AIX 6.1 v1r14
Category: AUDIT AND ACCOUNTABILITY
References: 800-53|AU-9, CAT|II, CCI|CCI-000162, CCI|CCI-000163, Group-ID|V-22702, Rule-ID|SV-38902r1_rule, STIG-ID|GEN002690, Vuln-ID|V-22702
Plugin: Unix
Control ID: 29bd6046991d846af693dc988a15f635b3f4bebbb6c9a586100d759cd6d3e1ce