GEN002690 - System audit logs must be group-owned by root, bin, sys, or system.

Information

Sensitive system and user information could provide a malicious user with enough information to penetrate further into the system.

Solution

Change the group ownership of the audit log file(s).

Procedure:
# chgrp root <audit log file>

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-9, CAT|II, CCI|CCI-000162, CCI|CCI-000163, Group-ID|V-22702, Rule-ID|SV-37914r1_rule, STIG-ID|GEN002690, Vuln-ID|V-22702

Plugin: Unix

Control ID: 6073bc0c9f2ae554e2f222eaf52ab63dd87c05c1b151a5d78dc0096c47d29f81