Title

Audio devices must be owned by root. (Cat II impact)

Discussion

Globally Accessible audio and video devices have proven to be security hazards. There is software that can activate system microphones and video devices connected to user workstations and/or X terminals. Once the microphone has been activated, it is possible to eavesdrop on otherwise private conversations without the victim being aware of it. This action effectively changes the user's microphone to a bugging device.

Check Content

Check the owner of audio devices. # ls -lL /dev/audio If the owner of any audio device file is not root, this is a finding.

Fix Text

Change the owner of the audio device. # chown root <audio device>

Additional Identifiers

Rule ID: SV-226577r603265_rule

Vulnerability ID: V-226577

Group Title: SRG-OS-000480

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.