4.1.3 Ensure permissions on all logfiles are configured

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Log files stored in /var/log/ contain logged information from many services on the system, or on log hosts others as well.

Rationale:

It is important to ensure that log files have the correct permissions to ensure that sensitive data is archived and protected.

Solution

Run the following commands to set permissions on all existing log files:

find /var/log -type f -exec chmod g-wx,o-rwx '{}' + -o -type d -exec chmod g-w,o-rwx '{}' +

Additional Information:

You may also need to change the configuration for your logging software or services for any logs that had incorrect permissions.

See Also

https://workbench.cisecurity.org/files/3659