GEN001260 - System log files must have mode 0640 or less permissive - /var/adm/*

Information

If the system log files are not protected, unauthorized users could change the logged data, eliminating its forensic value.

Solution

Change the mode of the system log file(s) to 0640 or less permissive.

Procedure:
# chmod '0640' /path/to/system-log-file

NOTE: Do not confuse system log files with audit logs. Any subsystems that require less stringent permissions must be documented.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R4_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-11b., CAT|II, CCI|CCI-001314, Rule-ID|SV-227619r603266_rule, STIG-ID|GEN001260, STIG-Legacy|SV-39832, STIG-Legacy|V-787, Vuln-ID|V-227619

Plugin: Unix

Control ID: 74f00eafd67ef30e3abdb179e0546518d05ae45537be6536c8a643d4af7b1735