Detections
Analytics

Catalina - Configure System Log Files Owned by Root and Group to Wheel

Information

The system log files _MUST_ be owned by root.

System logs contain sensitive data about the system and users. If log files are set to only be readable and writable by system administrators, the risk is mitigated.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

[source,bash]
----
/usr/sbin/chown root:wheel $(/usr/bin/stat -f '%Su:%Sg:%N' $(/usr/bin/grep -v '^#' /etc/newsyslog.conf | /usr/bin/awk '{ print $1 }') 2> /dev/null | /usr/bin/awk -F":" '!/^root:wheel:/{print $3}')
----

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-11, CCE|CCE-84942-2, STIG-ID|AOSX-15-004001

Plugin: Unix

Control ID: de82c7d8c32d3a74777c02b68b2810cca063a8d304026f293a90b9c4b0b5c38c