Verify Permissions on /var/log/syslog File
An XCCDF Rule
Description
To properly set the permissions of /var/log/syslog
, run the command:
$ sudo chmod 0640 /var/log/syslog
Rationale
The /var/log/syslog
file contains logs of error messages in
the system and should only be accessed by authorized personnel.
- ID
- xccdf_org.ssgproject.content_rule_file_permissions_var_log_syslog
- Severity
- Medium
- References
- Updated
Remediation - Shell Script
chmod u-xs,g-xws,o-xwrt /var/log/syslog
Remediation - Ansible
- name: Test for existence /var/log/syslog
stat:
path: /var/log/syslog
register: file_exists
tags:
- configure_strategy