The SUSE operating system must not disable syscall auditingID: oval:org.secpod.oval:def:84340 | Date: (C)2022-09-26 (M)2023-05-09 |
Class: COMPLIANCE | Family: unix |
By default, the SUSE operating system includes the "-a task,never" audit rule as a default. This rule suppresses syscall auditing for all tasks started with this rule in effect. Because the audit daemon processes the "audit.rules" file from the top down, this rule supersedes all other defined syscall rules; therefore no syscall auditing can take place on the operating system.
Platform: |
SUSE Linux Enterprise Server 15 |