Verify /var/log directory permissionsID: oval:org.secpod.oval:def:97838 | Date: (C)2024-02-08 (M)2024-02-12 |
Class: COMPLIANCE | Family: unix |
Linux has a special directory for storing logs called /var/log. This directory contains logs from the OS itself, services, and various applications running on the system. Only authorized personnel should be aware of logs and the details of the logs. It is critical to ensure that the /var/log directory is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.