4.2.4 Ensure permissions on all logfiles are configured

Information

Log files stored in /var/log/ contain logged information from many services on the system, or on log hosts others as well.

Rationale:

It is important to ensure that log files have the correct permissions to ensure that sensitive data is archived and protected.

Solution

Run the following command to set permissions on all existing log files:

# chmod -R g-wx,o-rwx /var/log/*

Notes:

You may also need to change the configuration for your logging software or services for any logs that had incorrect permissions.

Some software or environments may re-set the permissions on these files. Site policy should dictate the appropriate setting for your implementation.

See Also

https://workbench.cisecurity.org/files/2619

Item Details

Category: AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

References: 800-53|AU-6, 800-53|CM-6, CSCv6|3.1, CSCv7|5.1, CSCv7|6

Plugin: Unix

Control ID: fd52019f9f87881b4c303b697dc30d1d3c674d14ce2096370c79ff5cbd51813e