a676e37a84
* Docs are now ordered by STIG ID number to make them easier to browse. * Deployer notes are better organized. * Script + CSV added for automated documentation generation. Implements: blueprint security-hardening Change-Id: Ib87bec701eddf1601574f4e027f301c775e5e1cd
17 lines
781 B
ReStructuredText
17 lines
781 B
ReStructuredText
V-38665: The system package management tool must verify group-ownership on all files and directories associated with the audit package.
|
|
---------------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
Group-ownership of audit binaries and configuration files that is incorrect
|
|
could allow an unauthorized user to gain privileges that they should not have.
|
|
The group-ownership set by the vendor should be maintained. Any deviations
|
|
from this baseline should be investigated.
|
|
|
|
Details: `V-38665 in STIG Viewer`_.
|
|
|
|
.. _V-38665 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38665
|
|
|
|
Notes for deployers
|
|
~~~~~~~~~~~~~~~~~~~
|
|
|
|
.. include:: developer-notes/V-38665.rst
|