mirror of
https://github.com/usnistgov/macos_security.git
synced 2026-02-03 14:03:24 +00:00
62 lines
1.2 KiB
YAML
62 lines
1.2 KiB
YAML
id: audit_control_mode_configure
|
|
title: Configure Audit_Control Owner to Mode 440 or Less Permissive
|
|
discussion: |
|
|
/etc/security/audit_control _MUST_ be configured so that it is readable only by the root user and group wheel.
|
|
check: |
|
|
/bin/ls -l /etc/security/audit_control | /usr/bin/awk '!/-r--[r-]-----|current|total/{print $1}' | /usr/bin/wc -l | /usr/bin/xargs
|
|
result:
|
|
integer: 0
|
|
fix: |
|
|
[source,bash]
|
|
----
|
|
/bin/chmod 440 /etc/security/audit_control
|
|
----
|
|
references:
|
|
cce:
|
|
- CCE-95108-7
|
|
cci:
|
|
- CCI-000162
|
|
- CCI-000163
|
|
- CCI-000164
|
|
- CCI-000171
|
|
- CCI-001493
|
|
- CCI-001494
|
|
- CCI-001495
|
|
800-53r5:
|
|
- AU-9
|
|
800-53r4:
|
|
- AU-9
|
|
srg:
|
|
- SRG-OS-000256-GPOS-00097
|
|
- SRG-OS-000057-GPOS-00027
|
|
- SRG-OS-000063-GPOS-00032
|
|
- SRG-OS-000059-GPOS-00029
|
|
- SRG-OS-000257-GPOS-00098
|
|
- SRG-OS-000258-GPOS-00099
|
|
- SRG-OS-000058-GPOS-00028
|
|
disa_stig:
|
|
- APPL-26-001130
|
|
800-171r3:
|
|
- 03.03.08
|
|
cis:
|
|
benchmark:
|
|
- 3.5 (level 1)
|
|
controls v8:
|
|
- 3.3
|
|
cmmc:
|
|
- AU.L2-3.3.8
|
|
macOS:
|
|
- '26.0'
|
|
tags:
|
|
- cis_lvl1
|
|
- cis_lvl2
|
|
- cisv8
|
|
- cnssi-1253_low
|
|
- cnssi-1253_high
|
|
- cmmc_lvl2
|
|
- stig
|
|
- cnssi-1253_moderate
|
|
severity: medium
|
|
mobileconfig: false
|
|
mobileconfig_info:
|