UCF STIG Viewer Logo

The SMTP service log file must have mode 0644 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-838 GEN004500 SV-838r2_rule ECLP-1 Medium
Description
If the SMTP service log file is more permissive than 0644, unauthorized users may be allowed to change the log file.
STIG Date
SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE 2015-10-01

Details

Check Text ( C-8035r2_chk )
Check the mode of the SMTP service log file.

Procedure:
# more /etc/syslog.conf

Check the configuration to determine which log files contain logs for mail.crit, mail.debug, or *.crit.

Procedure:
# ls -lL

If the log file permissions are greater than 0644, this is a finding.
Fix Text (F-992r2_fix)
Change the mode of the SMTP service log file.

Procedure:
# chmod 0644