SRG-OS-000463-GPOS-00207

The operating system must generate audit records when successful/unsuccessful attempts to modify security objects occur.

34 rules found Severity: Medium

33 rules found Severity: Medium

21 rules found Severity: Medium

16 rules found Severity: Medium

17 rules found Severity: Medium

16 rules found Severity: Medium

17 rules found Severity: Medium

10 rules found Severity: Medium

9 rules found Severity: Medium

7 rules found Severity: Medium

4 rules found Severity: Medium

2 rules found Severity: Medium

SRG-OS-000463-GPOS-00207

Record Events that Modify the System's Discretionary Access Controls - fremovexattr

Record Events that Modify the System's Discretionary Access Controls - fsetxattr

Record Events that Modify the System's Discretionary Access Controls - lremovexattr

Record Events that Modify the System's Discretionary Access Controls - lsetxattr

Record Events that Modify the System's Discretionary Access Controls - removexattr

Record Any Attempts to Run chcon

Record Any Attempts to Run restorecon

Record Any Attempts to Run semanage

Record Any Attempts to Run setfiles

Record Any Attempts to Run setsebool

Configure audit according to OSPP requirements

Configure auditing of unsuccessful file accesses

Configure auditing of successful file accesses

Configure auditing of unsuccessful file creations

Configure auditing of successful file creations

Configure auditing of unsuccessful file deletions

Configure auditing of successful file deletions

Configure auditing of unsuccessful file modifications

Configure auditing of successful file modifications

Configure auditing of unsuccessful ownership changes

Configure auditing of successful ownership changes

Configure auditing of unsuccessful permission changes

Configure auditing of successful permission changes

Configure auditing of unsuccessful file accesses (AArch64)

Configure auditing of unsuccessful file accesses (ppc64le)

Configure auditing of successful file accesses (AArch64)

Configure auditing of successful file accesses (ppc64le)

Configure auditing of unsuccessful file creations (AArch64)

Configure auditing of unsuccessful file creations (ppc64le)

Configure auditing of successful file creations (AArch64)

Configure auditing of successful file creations (ppc64le)

Configure auditing of unsuccessful file deletions (AArch64)

Configure auditing of unsuccessful file deletions (ppc64le)

Configure auditing of successful file deletions (AArch64)

Configure auditing of successful file deletions (ppc64le)

Configure auditing of unsuccessful file modifications (AARch64)

Configure auditing of unsuccessful file modifications (ppc64le)

Configure auditing of successful file modifications (AArch64)

Configure auditing of successful file modifications (ppc64le)

Configure auditing of unsuccessful ownership changes (AArch64)

Configure auditing of unsuccessful ownership changes (ppc64le)

Configure auditing of successful ownership changes (AArch64)

Configure auditing of successful ownership changes (ppc64le)

Configure auditing of unsuccessful permission changes (AArch64)

Configure auditing of unsuccessful permission changes (ppc64le)

Configure auditing of successful permission changes (AArch64)

Configure auditing of successful permission changes (ppc64le)