4.2.2.3 Ensure syslog-ng default file permissions configured (Scored)

Level 1 - Server 
Level 1 - Workstation

syslog-ng will create logfiles that do not already exist on the system. This setting controls what permissions will be applied to these newly created files.

It is important to ensure that log files exist and have the correct permissions to ensure that sensitive syslog-ng data is archived and protected.

Run the following command and verify the perm option is 0640 or more restrictive:

# grep ^options /etc/syslog-ng/syslog-ng.conf 
options { chain_hostnames(off); flush_lines(0); perm(0640); stats_freq(3600);
threaded(yes); };

Edit the /etc/syslog-ng/syslog-ng.conf and set perm option to 0640 or more restrictive:

options { chain_hostnames(off); flush_lines(0); perm(0640); stats_freq(3600); threaded(yes); };

See the syslog-ng man pages for more information.

  • ubuntu1604/4/2/2/3.txt
  • Last modified: 2017/05/03 01:16
  • by Piotr K┼éoczewski