Ensure successful and unsuccessful attempts to use the chacl command are recordedID: oval:org.secpod.oval:def:95962 | Date: (C)2023-12-19 (M)2023-12-20 |
Class: COMPLIANCE | Family: unix |
The operating system must generate audit records for successful/unsuccessful uses of the chacl command.chacl is an IRIX-compatibility command, and is maintained for those users who are familiar with its use from either XFS or IRIX.Rationale:chacl changes the ACL(s) for a file or directory. Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.