3.7.1.6 /var/adm/ras

Information

The /var/adm/ras directory contains log files which contain sensitive information such as login times and IP addresses.

Rationale:

The log files in the /var/adm/ras directory can contain sensitive information such as login times and IP addresses, which may be altered by an attacker when removing traces of system access. All files in this directory must be secured from unauthorized access and modifications.

Solution

Remove world read and write access from all files in /var/adm/ras:

chmod o-rw /var/adm/ras/*

Default Value:

N/A

See Also

https://workbench.cisecurity.org/files/4119

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: f7264c2e6c20cc816825080fedab4c0430cf90fd03a3cdc371a2f2434af35a29