file System permissions of log files

Details

In order to prevent modifications to your log files, you can restrict the OS permissions to only be readable/writable by the JBoss user.

Solution

In order to change the location of your log files you can use this Java property at startup jboss.domain.log.dir and set a different log directory (I.E. /var/log/jboss)

-Djboss.domain.log.dir=/var/log/jboss/

Supportive Information

The following resource is also helpful.

https://docs.jboss.org/author/display/AS72/Hardening+Guidelines

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-6b.
CSCv6|3.1

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles