Standard System Security Profile for openEuler 22.03 LTS
Rules and Groups employed by this XCCDF Profile
-
Ensure auditd Collects System Administrator Actions - /etc/sudoers
At a minimum, the audit system should collect administrator actions for all users and root. If the <code>auditd</code> daemon is configured to use ...Rule Medium Severity -
Record Events that Modify User/Group Information - /etc/group
If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...Rule Medium Severity -
Record Events that Modify User/Group Information - /etc/gshadow
If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...Rule Medium Severity -
Record Events that Modify User/Group Information - /etc/security/opasswd
If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...Rule Medium Severity -
Record Events that Modify User/Group Information - /etc/passwd
If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...Rule Medium Severity -
Record Events that Modify User/Group Information - /etc/shadow
If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...Rule Medium Severity -
Record Unauthorized Access Attempts Events to Files (unsuccessful)
At a minimum, the audit system should collect unauthorized file accesses for all users and root. Note that the "-F arch=b32" lines should be presen...Group -
Record Successful Permission Changes to Files - chmod
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Ownership Changes to Files - chown
At a minimum, the audit system should collect file ownership changes for all users and root. If the <code>auditd</code> daemon is configured to use...Rule Medium Severity -
Record Successful Permission Changes to Files - fchmod
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Permission Changes to Files - fchmodat
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Ownership Changes to Files - fchown
At a minimum, the audit system should collect file ownership changes for all users and root. If the <code>auditd</code> daemon is configured to use...Rule Medium Severity -
Record Successful Ownership Changes to Files - fchownat
At a minimum, the audit system should collect file ownership changes for all users and root. If the <code>auditd</code> daemon is configured to use...Rule Medium Severity -
Record Successful Permission Changes to Files - fremovexattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Permission Changes to Files - fsetxattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Permission Changes to Files - lremovexattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Permission Changes to Files - lsetxattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Permission Changes to Files - removexattr
At a minimum, the audit system should collect file permission changes for all users and root. If the <code>auditd</code> daemon is configured to us...Rule Medium Severity -
Record Successful Delete Attempts to Files - rename
At a minimum, the audit system should collect file deletion for all users and root. If the <code>auditd</code> daemon is configured to use the <cod...Rule Medium Severity -
Record Successful Delete Attempts to Files - renameat
At a minimum, the audit system should collect file deletion for all users and root. If the <code>auditd</code> daemon is configured to use the <cod...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.