C2S \ CIS 2.1.1 RHEL 7 alignment "Ensure System Log Files Have Correct Permissions "

[rybal06]

C2S is looking for the following: "The file permissions for all log files written by rsyslog should be set to 600, or more restrictive"

CIS 2.1.1 is looking for: 4.2.4 Ensure permissions on all logfiles are configured (Scored) "Run the following command to set permissions on all existing log files: find /var/log -type f -exec chmod g-wx,o-rwx {} +"

CIS is okay with group having read access, whereas C2S is not.

[shawndwells]

Patches very much welcome!

There is a exceptionally slow effort to update C2S inspiration against the latest CIS baseline. May take awhile to get fixed unless someone particularly cares.

[marcusburghardt]

Already covered by rsyslog_files_permissions rule.