Navigate

Check: GEN003623

AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE: GEN003623 (in versions v1 r14 through v1 r10)

Title

The system must use a separate file system for the system audit data path. (Cat III impact)

Discussion

The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.

Check Content

Determine the location of the audit data path. #more /etc/security/audit/config Make note of the binfile and trail location. (The best practice is to have the audit data and trails sent to /audit.) # cd < audit path > #df -k . If the system audit data path is not on a separate file system, this is a finding.

Fix Text

Migrate the system audit data path onto a separate file system. Update the /etc/security/audit/config file as necessary to reflect the location of the audit data.

Additional Identifiers

Rule ID: SV-38872r1_rule

Vulnerability ID: V-23738

Group Title: GEN003623

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001208	The organization partitions the information system into components residing in separate physical domains (or environments) as deemed necessary.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check