dccce1d5cc
This patch gets the docs adjusted to work with the new RHEL 7 STIG version 1 release. The new STIG release has changed all of the numbering, but it maintains a link to (most) of the old STIG IDs in the XML. Closes-bug: 1676865 Change-Id: I65023fe63163c9804a3aec9dcdbf23c69bedb604
672 B
672 B
---id: V-72095 status: exception - manual intervention tag: auditd ---
This STIG is difficult to implement in an automated way because the number of applications on a system with setuid/setgid permissions changes over time. In addition, adding audit rules for some of these automatically could cause a significant increase in logging traffic when these applications are used regularly.
Deployers are urged to do the following instead:
- Minimize the amount of applications with setuid/setgid privileges
- Monitor any new applications that gain setuid/setgid privileges
- Add risky applications with setuid/setgid privileges to auditd for detailed syscall monitoring