Verify the permissions of the audit configuration files The permissions of the audit configuration files must be 0555 or less. [Permission_555] In /etc/security, audit_class, audit_control, audit_event, audit_warn, and audit_user permissions set via chmod. oval:org.secpod.oval:def:24629 SCAP Repo OVAL Definition 2015-06-11