HIDS 80730

From Atomicorp Wiki
Jump to: navigation, search
Rule 1
Status Active
Alert Message SELinux event


[edit] Description

SELinux has logged a permissions violation event in permissive mode.

[edit] What you should do

This means that an application that would normally be prevented from performing an action by SELinux was allowed due to permissive mode settings. At the very least, this means the SELinux policy needs to be updated. It could also indicate a malicious application or user is attempting to compromise the host.

[edit] Troubleshooting

[edit] False Positives

There are no false positives with this rule.

[edit] Tuning Guidance

There is no guidance for tuning this rule, this is a generic selinux error and the rule should not be disabled.

[edit] Additional Information

[edit] Support

If you are unsure about how to respond to this alert, please contact Atomicorp support. We're here to help you!

[edit] Similar Rules


[edit] Knowledge Base Articles


Personal tools