GEN002340 - Audio devices must be owned by root - '/dev/snd/*'

Information

Audio and video devices globally accessible have proven to be another security hazard. There is software that can activate system microphones and video devices connected to user workstations and/or X terminals. Once the microphone has been activated, it is possible to eavesdrop on otherwise private conversations without the victim being aware of it. This action effectively changes the user's microphone into a bugging device.

Solution

Edit the /etc/security/console.perms.d/50-default.perms file and comment the following line:

<console> 0600 <sound> 0660 root.audio

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-6, 800-53|SC-4, CAT|II, CCI|CCI-000225, CCI|CCI-001090, Rule-ID|SV-218362r603259_rule, STIG-ID|GEN002340, STIG-Legacy|SV-63301, STIG-Legacy|V-1049, Vuln-ID|V-218362

Plugin: Unix

Control ID: 92f2371f73932352b0f9d7d3f50bb03e33bec357f81a745ab2095e4a3c6d3c7d