====== 4.2.1.3 Ensure rsyslog default file permissions configured (Scored) ======

=====Profile Applicability=====

<code>
Level 1 - Server
Level 1 - Workstation
</code>

=====Description=====

''rsyslog'' will create logfiles that do not already exist on the system. This setting controls what permissions will be applied to these newly created files.

=====Rationale=====

It is important to ensure that log files have the correct permissions so that sensitive data is archived and protected.

=====Audit=====

Run the following command and verify that ''$FileCreateMode'' is ''0640'' or more restrictive:

<Code:bash>
# grep ^\$FileCreateMode /etc/rsyslog.conf
</Code>

=====Remediation=====

Edit ''/etc/rsyslog.conf'' and set ''$FileCreateMode'' to ''0640'' or more restrictive:

<Code:bash>
$FileCreateMode 0640
</Code>

=====References=====

See the ''rsyslog.conf(5)'' man page for more information.

=====Notes=====

You should also ensure this is not overridden with less restrictive settings in any ''/etc/rsyslog.d/*'' conf file.

centos7/4/2/1/3.txt Last modified: 2017/05/04 18:19 by Piotr Kłoczewski
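The audit above combined with the check the Notes call for, as an added example that is not part of the benchmark text: a shell function that reads every uncommented ''$FileCreateMode'' line in the files it is given and fails if any value grants a permission bit outside ''0640''. The function names, and the rule that a missing directive fails because rsyslog then falls back to its built-in default of ''0644'', are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the benchmark): audit every $FileCreateMode directive.
# Assumptions: any directive granting bits outside 0640 is a finding, and a
# missing directive is a finding because rsyslog then uses its default, 0644.
MAX_MODE=0640

# mode_ok MODE: succeed when MODE is octal and sets no bit outside MAX_MODE.
mode_ok() {
    case "$1" in ''|*[!0-7]*) return 1 ;; esac
    [ $(( 0$1 & ~0$MAX_MODE & 07777 )) -eq 0 ]
}

# audit_filecreatemode FILE...: print one PASS/FAIL line per directive and
# return 0 only when the directive is present and every value is acceptable.
audit_filecreatemode() {
    # /dev/null forces grep to prefix each hit with its file name.
    hits=$(grep '^\$FileCreateMode' /dev/null "$@" 2>/dev/null) || true
    if [ -z "$hits" ]; then
        echo "FAIL: \$FileCreateMode not set, rsyslog default 0644 applies"
        return 1
    fi
    rc=0
    while IFS= read -r line; do
        file=${line%%:*}
        mode=$(printf '%s\n' "${line#*:}" | awk '{print $2}')
        if mode_ok "$mode"; then
            echo "PASS $file: \$FileCreateMode $mode"
        else
            echo "FAIL $file: \$FileCreateMode $mode exceeds $MAX_MODE"
            rc=1
        fi
    done <<EOF
$hits
EOF
    return $rc
}

# Audit the files named on the command line, for example:
#   sh audit.sh /etc/rsyslog.conf /etc/rsyslog.d/*.conf
if [ $# -gt 0 ]; then
    audit_filecreatemode "$@"
fi
```

A value such as ''0600'' or ''0440'' passes because it sets no bit beyond ''0640'', while ''0644'' and ''0660'' are reported together with the file that sets them.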