6.2.1.1.2 Ensure journald log file access is configured

Information

Journald will create logfiles that do not already exist on the system. This setting controls what permissions will be applied to these newly created files.

Log files must have the correct permissions so that sensitive data is archived and protected.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

If the default configuration is not appropriate for the site-specific requirements, copy /usr/lib/tmpfiles.d/systemd.conf to /etc/tmpfiles.d/systemd.conf and modify as required. The requirement is either 0640 or site policy if that is less restrictive.
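Because this check is not performed automatically, the following added example (not part of the benchmark or the plugin) shows one way to review the tmpfiles.d configuration by hand. The function names, the `.journal` path filter and the sample entries are assumptions made for illustration; the default threshold is the 0640 named above and can be replaced with the site policy value.

```shell
#!/bin/sh
# Added example: report journal file entries in a tmpfiles.d config whose
# mode grants any bit beyond the allowed mask (default 0640).
# Returns 0 if compliant, 1 if an entry is too permissive, 2 if unreadable.
audit_journal_modes() {
    conf=$1 allowed=${2:-0640} rc=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    # tmpfiles.d columns: Type Path Mode User Group Age Argument
    while read -r type path mode _rest || [ -n "$type" ]; do
        case $type in ''|'#'*) continue ;; esac          # blank line or comment
        case $path in *.journal) ;; *) continue ;; esac  # journal files only, not directories
        mode=${mode#[~:]}                                # strip "~" / ":" mode prefixes
        case $mode in ''|-|*[!0-7]*) continue ;; esac    # "-" means no mode set (e.g. ACL lines)
        if [ $(( 0$mode & ~0$allowed & 07777 )) -ne 0 ]; then
            echo "FAIL $path $mode"
            rc=1
        fi
    done < "$conf"
    return "$rc"
}

# The copy in /etc overrides the vendor file of the same name in /usr/lib.
effective_conf() {
    for f in /etc/tmpfiles.d/systemd.conf /usr/lib/tmpfiles.d/systemd.conf; do
        [ -r "$f" ] && { echo "$f"; return 0; }
    done
    return 1
}

# Constructed sample input (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed entries for demonstration
z /var/log/journal 2755 root systemd-journal - -
z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
z /run/log/journal/%m/system.journal 0644 root systemd-journal - -
EOF
audit_journal_modes "$sample" || echo "review: journal file mode exceeds 0640"
rm -f "$sample"
# On a live system: audit_journal_modes "$(effective_conf)"
```

Entries that set ACLs carry no mode field and are skipped by this check, so they need a separate review.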

See Also

https://workbench.cisecurity.org/benchmarks/17045

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: ef78e9094a8e78844349197f99fb376c6ab46eaf04e800125df03fd5e05d993d