Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-239536 | VROM-SL-000585 | SV-239536r662059_rule | Medium |
Description |
---|
If the SMTP service log file is more permissive than 0644, unauthorized users may be allowed to change the log file. |
STIG | Date |
---|---|
VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide | 2023-09-21 |
Check Text ( C-42769r662057_chk ) |
---|
Check the permissions on the mail log files: # ls -la /var/log/mail # ls -la /var/log/mail.info # ls -la /var/log/mail.warn # ls -la /var/log/mail.err If the log file permissions are greater than "0644", this is a finding. |
Fix Text (F-42728r662058_fix) |
---|
Change the mode of the sendmail log files to "0644": # chmod 0644 |