Big Sur – Configure Apple System Log Files Owned by Root and Group to Wheel

Details

The Apple System Logs (ASL) _MUST_ be owned by root.

ASL logs contain sensitive data about the system and users. If ASL log files are set to only be readable and writable by system administrators, the risk is mitigated.

Solution

Run the following bash code

/usr/sbin/chown root:wheel $(/usr/bin/stat -f '%Su:%Sg:%N' $(/usr/bin/grep -e '^>' /etc/asl.conf /etc/asl/* | /usr/bin/awk '{ print $2 }') 2> /dev/null | /usr/bin/awk '!/^root:wheel:/{print $1}' | /usr/bin/awk -F":" '!/^root:wheel:/{print $3}')
----

Supportive Information

The following resource is also helpful.

https://github.com/usnistgov/macos_security

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.

References

800-53|SI-11
800-53|SI-11b.
CCE|CCE-85463-8, CCI|CCI-001314
STIG-ID|APPL-11-004001

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles