Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
SRG-OS-000063-GPOS-00032
RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access.
RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access.
An XCCDF Rule
Details
Profiles
Prose
RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access.
Medium Severity
<VulnDiscussion>Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>