V-38552: The audit system must be configured to audit all discretionary access control permission modifications using fchown.
-----------------------------------------------------------------------------------------------------------------------------

The changing of file permissions could indicate that a user is attempting to
gain access to information that would otherwise be disallowed. Auditing DAC
modifications can facilitate the identification of patterns of abuse among
both authorized and unauthorized users.

Details: `V-38552 in STIG Viewer`_.

.. _V-38552 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38552

Notes for deployers
~~~~~~~~~~~~~~~~~~~

.. include:: developer-notes/V-38552.rst