AOSX-13-002107 - The macOS system must be configured with access control lists (ACLs) for system log files to be set correctly - asl

Information

System logs should only be readable by root or admin users. System logs frequently contain sensitive information that could be used by an attacker. Setting the correct ACLs mitigates this risk.

Solution

For any log file that returns an ACL, run the following command:

/usr/bin/sudo chmod -N [log file]

[log file] is the full path to the log file in question.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_OS_X_10-13_V2R5_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-11b., CAT|II, CCI|CCI-001314, Rule-ID|SV-214931r609363_rule, STIG-ID|AOSX-13-002107, STIG-Legacy|SV-96457, STIG-Legacy|V-81743, Vuln-ID|V-214931

Plugin: Unix

Control ID: a66c280a958c501471b9470304265390ed0c3ea28cbeb2787dcb0112f9da2ea9