[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134339

 
 

909

 
 

108885

 
 

152

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92919-0

Platform: ubuntu19.04Date: (C)2019-11-07   (M)2019-11-07



Record Events That Modify the System's Mandatory Access Controls Monitor SELinux mandatory access controls. The parameters below monitor any write access (potential additional, deletion or modification of files in the directory) or attribute changes to the /etc/selinux directory.


Parameter:


Technical Mechanism: Changes to files in this directory could indicate that an unauthorized user is attempting to modify access controls and change security contexts, leading to a compromise of the system. Fix: Add the following lines to the /etc/audit/audit.rules file. Add the following lines to /etc/audit/audit.rules -w /etc/selinux/ -p wa -k MAC-policy # Execute the following command to restart auditd # pkill -P 1-HUP auditd

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:55132


OVAL    1
oval:org.secpod.oval:def:55132
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_19_04

© SecPod Technologies