Check: OSX8-00-00370
Apple OSX 10.8 STIG:
OSX8-00-00370
(in version v1 r2)
Title
The audit log folder must have the correct permissions. (Cat II impact)
Discussion
The audit log folder should have correct permissions.
Check Content
To check the permissions of the audit log files, run the following command: stat -f "%A:%N" `grep "^dir" /etc/security/audit_control | awk -F: '{print $2}'` The results should show the permissions (first column) to be "700" or less permissive. If not, this is a finding.
Fix Text
If the permissions on the audit log file are incorrect, run the following command: sudo chmod 700 /var/audit
Additional Identifiers
Rule ID: SV-65857r1_rule
Vulnerability ID: V-51647
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000164 |
The information system protects audit information from unauthorized deletion. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
AU-9 |
Protection Of Audit Information |