Kubernetes Audit Logs Must Have Mode 0600
An XCCDF Rule
Description
To properly set the permissions of /var/log/kube-apiserver/.*, run the command:
$ sudo chmod 0600 /var/log/kube-apiserver/.*
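A way to check the rule before and after remediation, as an added example that is not part of the rule's own content: it lists files whose mode has any bit set outside 0600, then resets them with the chmod from the rule. It uses find rather than a shell glob because the shell expands `.*` only to dot-entries. Assumptions: the function names are hypothetical, only regular files directly inside the directory are in scope, and find supports `-maxdepth` and `-perm /mode` (GNU findutils).

```shell
#!/bin/sh
# Added example: audit and remediate modes in the Kubernetes audit log directory.
# The default path is the one named in the rule; function names are hypothetical.
AUDIT_DIR="${AUDIT_DIR:-/var/log/kube-apiserver}"

# Print each regular file directly inside $1 that has any permission bit set
# outside 0600 (owner execute, or any group/other bit).
# Returns 0 if all files comply, 1 if offenders were printed, 2 if $1 is not
# a directory.
list_noncompliant() {
    dir="$1"
    [ -d "$dir" ] || return 2
    # -perm /0177 matches when ANY of the bits in 0177 is set on the file.
    offenders=$(find "$dir" -maxdepth 1 -type f -perm /0177 -print)
    [ -z "$offenders" ] && return 0
    printf '%s\n' "$offenders"
    return 1
}

# Apply the rule's remediation (chmod 0600) to the offending files only, so
# files that already comply are left untouched.
fix_noncompliant() {
    dir="$1"
    [ -d "$dir" ] || return 2
    find "$dir" -maxdepth 1 -type f -perm /0177 -exec chmod 0600 {} +
}
```

Run `list_noncompliant "$AUDIT_DIR"` as a user who can read the directory; `fix_noncompliant "$AUDIT_DIR"` needs the same privileges as the chmod above.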
Rationale
If users can write to audit logs, audit trails can be modified or destroyed.
- ID: xccdf_org.ssgproject.content_rule_file_permissions_var_log_kube_audit
- Severity: Medium