Access to audit files on UNIX

The following characteristics control access to audit files in a UNIX environment and protect them from being accidentally read or deleted:

Ownership:
informix
Group ID:
same as $INFORMIXDIR/aaodir
Permissions:
775
Important: The AAO must be careful when selecting the directory in which the audit files are stored (ADTPATH). The directories in the path must have adequate ownership and access permissions for the level of risk that the AAO allows. The default directory (/tmp) does not have adequate protection.

The following examples show the security configuration for UNIX audit files with no role separation:

aaodir

Ownership:
informix
Group ID:
informix
Permissions:
775

aaodir/adtcfg.std

Ownership:
informix
Group ID:
informix
Permissions:
644

The following examples show the UNIX security configuration with role separation:

aaodir

Ownership:
informix
Group ID:
<aao_group>
Permissions:
775

aaodir/adtcfg.std

Ownership:
informix
Group ID:
<aao_group>
Permissions:
644
Important: Because any account with the group ID of informix or superuser (root) ownership, or both, can access the audit trail, you must exercise care to protect these accounts and their passwords.