Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-38518 | RHEL-06-000133 | SV-50319r2_rule | Medium |
Description |
---|
The log files generated by rsyslog contain valuable information regarding system configuration, user authentication, and other such information. Log files should be protected from unauthorized access. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2017-04-28 |
Check Text ( None ) |
---|
None |
Fix Text (F-43465r1_fix) |
---|
The owner of all log files written by "rsyslog" should be root. These log files are determined by the second part of each Rule line in "/etc/rsyslog.conf" typically all appear in "/var/log". For each log file [LOGFILE] referenced in "/etc/rsyslog.conf", run the following command to inspect the file's owner: $ ls -l [LOGFILE] If the owner is not "root", run the following command to correct this: # chown root [LOGFILE] |