CCE-90624-8| Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Ensure System Log Files Have Correct Permissions
The file permissions for all log files written by
'rsyslog' should be set to 600, or more restrictive.
These log files are determined by the second part of each Rule line in
'/etc/rsyslog.conf' and typically all appear in '/var/log'.
For each log file
Parameter:
Technical Mechanism:
Log files can contain valuable information regarding system
configuration. If the system log files are not protected unauthorized
users could change the logged data, eliminating their forensic value.
Fix:
No Remediation Info
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : | Attack Vector: |
| Exploit Score: | Attack Complexity: |
| Impact Score: | Privileges Required: |
| Severity: | User Interaction: |
| Vector: | Scope: |
| | Confidentiality: |
| | Integrity: |
| | Availability: |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30315 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31038 |
