WG250 A22 - Log file access must be restricted to System Administrators, Web Administrators or Auditors.

Information

A major tool in exploring the web site use, attempted use, unusual conditions, and problems are the access and error logs. In the event of a security incident, these logs can provide the SA and the web manager with valuable information. To ensure the integrity of the log files and protect the SA and the web manager from a conflict of interest related to the maintenance of these files, only the members of the Auditors group will be granted permissions to move, copy, and delete these files in the course of their duties related to the archiving of these files.

Solution

Use the chmod command to set the appropriate file permissions on the log files.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_UNIX_V1R11_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CSCv6|3.1, Rule-ID|SV-33033r1_rule, STIG-ID|WG250_A22, Vuln-ID|V-2252

Plugin: Unix

Control ID: b3f40a71778d73937138b8c5f0b1313afcc0943df2a93e89b01d809dc9ae5233