STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Anduril NixOS Security Technical Implementation Guide

V-268121

CAT II (Medium)

NixOS system configuration file directories must have a mode of "0755" or less permissive.

Rule ID

SV-268121r1131046_rule

STIG

Anduril NixOS Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000171

Discussion

Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.

Check Content

Verify that the NixOS audit configuration directories have a mode of "755" or less permissive with the following commands:

$ sudo find -L /etc/audit -type d -exec stat -L -c "%a %n" {} \;

755 /etc/audit

If the audit configuration files have a mode more permissive than "755", this is a finding.

Fix Text

Update the NixOS config, typically stored either in /etc/nixos/configuration.nix or /etc/nixos/flake.nix, to use a mode of 755 or less for directories under /etc/audit.

Rebuild and switch to the new NixOS configuration:
$ sudo nixos-rebuild switch