mediumloggingverified ✓rollback-safe
Restrict group ownership of /var/log/syslog
syslog-group · UBUNTU ≥ 22 · 1 impl
Description
The /var/log/syslog file must be group-owned by adm so that only the logging service and authorized administrators can read the system log.
Rationale
Correct group ownership of the system log limits read access to authorized administrators, preventing information leakage to unprivileged users.
Check → Remediate
Checkfile_permission
- path:
- /var/log/syslog
- group:
- adm
Remediatefile_permissions
- path:
- /var/log/syslog
- group:
- adm
Framework references
STIG
V-270768 / UBTU-24-700130V-260511 / UBTU-22-232135
NIST 800-53
SI-11
Live verification
ubuntu22:checkubuntu24:checkubuntu26:check
#syslog#ownership#logging