Record events that modify the system's mandatory access controlsID: oval:org.secpod.oval:def:46256 | Date: (C)2018-07-05 (M)2023-12-20 |
Class: COMPLIANCE | Family: unix |
Monitor SELinux mandatory access controls. The parameters below monitor any write access (potential additional, deletion or modification of files in the directory) or attribute changes to the /etc/selinux directory.
Changes to files in this directory could indicate that an unauthorized user is attempting to modify access controls and change security contexts, leading to a compromise of the system.