Skip to content

Verify Permissions on /var/log/messages File

An XCCDF Rule

Description

To properly set the permissions of /var/log/messages, run the command:

$ sudo chmod 0640 /var/log/messages

Rationale

The /var/log/messages file contains logs of error messages in the system and should only be accessed by authorized personnel.

ID
xccdf_org.ssgproject.content_rule_file_permissions_var_log_messages
Severity
Medium
References
Updated



Remediation - Ansible

- name: Test for existence /var/log/messages
  stat:
    path: /var/log/messages
  register: file_exists
  tags:
  - CCE-83913-4

Remediation - Shell Script






chmod u-xs,g-xws,o-xwrt /var/log/messages