How to monitor SUID, SGID permissions using auditd.
Issue
- How do I monitor SUID, SGID permissions using auditd?
- SUID and SGID can be security risks, can we monitor changes to them?
Environment
- Red Hat Enterprise Linux (RHEL)
- auditd
- Architectures
- x86
- x86_64
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.