AlmaLinux OS 9 audit system must protect logon UIDs from unauthorized change.

An XCCDF Rule

Details
Profiles

Description

If modification of login user identifiers (UIDs) is not prevented, they can be changed by nonprivileged users and make auditing complicated or impossible.

ID: SV-269544r1050427_rule
Version: ALMA-09-056780
Severity: Medium
References: CCI-000163
Updated: about 2 months ago

Remediation Templates

Configure AlmaLinux OS 9 auditing to prevent modification of login UIDs once they are set by adding the following line to /etc/audit/rules.d/audit.rules:

--loginuid-immutable

AlmaLinux OS 9 audit system must protect logon UIDs from unauthorized change.

Description

Remediation Templates

A Manual Procedure