System log files must not have extended ACLs, except as needed to support authorized software.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| GEN001270-ESXI5-PNF | GEN001270-ESXI5-PNF | GEN001270-ESXI5-PNF_rule | Medium |
| Description |
|---|
| If the system log files are not protected, unauthorized users could change the logged data, eliminating its forensic value. Authorized software may be given log file access through the use of extended ACLs when needed and configured to provide the least privileges required. Applicable, but permanent not-a-finding (No ACLs). |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-GEN001270-ESXI5-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-GEN001270-ESXI5-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |