Access to audit files on UNIX™
The following characteristics control access to audit files in a UNIX™ environment and protect them from being accidentally read or deleted:
- Ownership:
- informix
- Group ID:
- same as $INFORMIXDIR/aaodir
- Permissions:
- 775
Important: The AAO must be careful when selecting the
directory in which the audit files are stored (ADTPATH).
The directories in the path must have adequate ownership and access
permissions for the level of risk that the AAO allows. The default
directory (/tmp) does not have adequate protection.
The following examples show the security configuration for UNIX™ audit files with no role separation:
aaodir
- Ownership:
- informix
- Group ID:
- informix
- Permissions:
- 775
aaodir/adtcfg.std
- Ownership:
- informix
- Group ID:
- informix
- Permissions:
- 644
The following examples show the UNIX™ security configuration with role separation:
aaodir
- Ownership:
- informix
- Group ID:
- <aao_group>
- Permissions:
- 775
aaodir/adtcfg.std
- Ownership:
- informix
- Group ID:
- <aao_group>
- Permissions:
- 644
Important: Because any account with the group ID of informix or
superuser (root) ownership, or both, can access the audit trail,
you must exercise care to protect these accounts and their passwords.