UCF STIG Viewer Logo

The SMTP service log file must not have an extended ACL.


Overview

Finding ID Version Rule ID IA Controls Severity
V-227847 GEN004510 SV-227847r603266_rule Medium
Description
If the SMTP service log file has an extended ACL, unauthorized users may be allowed to access or to modify the log file.
STIG Date
Solaris 10 X86 Security Technical Implementation Guide 2020-12-04

Details

Check Text ( C-30009r489916_chk )
Examine /etc/syslog.conf and determine the log file(s) receiving logs for mail.crit, mail.debug, mail.*, or *.crit.
Check the permissions on these log files.
# ls -lL [log file]
If the permissions include a "+", the file has an extended ACL and this is a finding.
Fix Text (F-29997r489917_fix)
Remove the extended ACL from the file.
# chmod A- [log file]