The Photon operating system audit log must have correct permissions.

An XCCDF Rule

Description

<VulnDiscussion>Audit information includes all information (e.g., audit records, audit settings, audit reports) needed to successfully audit operating system activity. Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-256493r887153_rule
Severity: Medium
References: CCI-000162
Updated: 8 months ago

At the command line, run the following command:

#  chmod 0600 <audit log file>

Replace <audit log file> with the log files more permissive than 0600.

The Photon operating system audit log must have correct permissions.

Description

Remediation - Manual Procedure