mediumloggingverified ✓rollback-safe
Ensure access to all logfiles has been configured
logfiles-access-configured · RHEL ≥ 8 · 1 impl
Description
Access to log files should be restricted to prevent unauthorized users from viewing or modifying log data.
Rationale
Log files contain sensitive information about system activities. Restricting access protects the integrity of audit trails.
Check → Remediate
Checkcommand
# Check for world-readable log files bad_perms=$(find /var/log -type f -perm /o+r 2>/dev/null | head -5) if [ -n "$bad_perms" ]; then echo "FAIL: Found world-readable log files:" echo "$bad_perms" exit 1 fi echo "OK: Log file permissions are properly configured" exit 0
- expected_exit:
- 0
Remediatefile_permissions
- find_paths:
- /var/log
- find_type:
- f
- find_args:
- -perm /o+r
- mode:
- o-r
Framework references
CIS
rhel8 6.2.3.1rhel9 6.2.4.1rhel10 6.2.4.1
NIST 800-53
AU-9
Live verification
rhel10:checkrhel8:checkrhel9:check
#logging#permissions#security